95b9f09f7591bec8bca8d31a33f8c9ef27294af4650fd8b9fef9639aa20a252d | Triage

Sharing

General

Target

d17c009df68620d29eb173042e53afc1_JaffaCakes118
Size

3.3MB
Sample

240907-j8kcksvapg
MD5

d17c009df68620d29eb173042e53afc1
SHA1

48a761e47fdb5b6717d3ca7716d63e5e743eeb2d
SHA256

95b9f09f7591bec8bca8d31a33f8c9ef27294af4650fd8b9fef9639aa20a252d
SHA512

553e9652a66a9b5389a7b4ec992a385c86c5a5b2368013d1b4c03158fb01e78607f6f17c2f0d6e343031eb1d8f6972db6516e3d362aa60558a01dcbbbdf8f383
SSDEEP

98304:STL0zRzLmJIpfocBpHwelXHrAPoiq++czwz4Jwgtj35N+H6fE:oL05m+5zH1XHrMT+s6geHN

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/tools/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/GB2312.js
- Size
  
  18KB
- MD5
  
  d2e3d97f59321b35911091824cc082d8
- SHA1
  
  d6c55ed3d75269577a7f8144b8bd84a897ebe9fc
- SHA256
  
  a3ed84d5bd7f7fc40ac4f0d0bd70f2dbdc3f65d2370c25aa796f316c946ec3a9
- SHA512
  
  79708dda31f0139aeb7d8cb8c8f5dfe2935096f1a6c383189d49b21adc7cb468f89210aa1538736ac95f0d17cc122cb1a70a0bd47f1d3d45aa083d9c179b5fa5
- SSDEEP
  
  384:xoJFqXnwpE8wkVCvY1BoEM3Qfyc4cA3Xjbjtvb7EXhtSM73C:e0nwpEbjQbTqQfbGXjbtihtDm
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/admin.js
- Size
  
  5KB
- MD5
  
  59d2ed37fd8089c976bf8df91c17dc3e
- SHA1
  
  b8bf2104cd2d18fc7de37ad58341fab90b85d580
- SHA256
  
  131b141926cd26ae301ca406dc9fa2b767da758055623e4ca9f9c82b10f1364a
- SHA512
  
  4a9dda2ba1fa9d6c40a08e08218b08416b9e8b7259ce5f6394f3bc59797c5caa4d7c7fd4c24a478d02f4bdd81a3f573f67dc04a56b0472bbbc92bf186ab7514b
- SSDEEP
  
  96:et/9+u99QUmXncWEx4CQ83Gq1sb1nVdyRWk4Y:U/9+u99QUm3cNOCQQGesblDyRWkz
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/admin_login.js
- Size
  
  473B
- MD5
  
  2d63e2e064b7e8471529f24daf7bb209
- SHA1
  
  5cd4aedc94aef84f294e76b3bf2f3ea79b08d15a
- SHA256
  
  216b73e5a3456d4685cb4daf1660a3b44efdfa8353cc17bc22e70d67bdb21b43
- SHA512
  
  b4b331b036f8c3cff945ed2b101f76fdcdde9b866de089ec372dfa9eef4c3b6e8732f693c9aecd55d9c9cfa9f8c5452af85993fad534048198ddf3618fb78929
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/blank.htm
- Size
  
  363B
- MD5
  
  b4fc7638db048e590fa4270bf5b44f28
- SHA1
  
  642bca73cd1cfbbe26ecf05dfcfcae569516cbc9
- SHA256
  
  18da6d1242e6387a4e6ad1aa9eef96b17d3d6c6764cbfc3cd570f06643cb1384
- SHA512
  
  23a887c09fba806bbbc13b6c18561b4795719614893f9c5ebb422978c59edf53eb25c71868ca8d00d29303cb24432f8763644fc2edf5ec93056892a026c8526c
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/common.js
- Size
  
  3KB
- MD5
  
  ac5548abc257b7469e47a235e8a335e5
- SHA1
  
  4ee6cc415473da424db480da058992d5fc36607a
- SHA256
  
  7eb7972338c30aa4f80ce8867c0cc44c6e5236e288cdb309ad5a2d5519b0e79f
- SHA512
  
  6dbf103edc43489f926fe029f6a597bfb1b44c35d50b2dfcdfe70dfa327c8be0ea19251ac67c5dca1f315d8f3bf8b803d98ea42ef05157668b7a3a67150ed759
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/down_samp.htm
- Size
  
  1KB
- MD5
  
  fc643fa5d36c60dbacba65171ed6e67a
- SHA1
  
  79091e1a24951eb99740d8cf25cdca81ff324884
- SHA256
  
  85756f45782bd79f6a22634ca38f11db9db80abfb220ad9454595f848e936b87
- SHA512
  
  a9e3afd08a4ebc252295f20086ac19fe32f7bf0e21a200fcd78a48fa7bf6980429604db2b1d6f1f134098471d1e4d03430da4dbc0a7d351a07314e6b90790b9e
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/langs/en.js
- Size
  
  2KB
- MD5
  
  768c4e0d7bcbb7211f002435fd17a3c1
- SHA1
  
  e93ec899a73440d1454f04663ac43623a72e8348
- SHA256
  
  a4c4024327cce92174990c2793a8256c4f8a7dd9aba5b1c4e97f407323b1ca89
- SHA512
  
  e5e6fa9126b074c5eed565f4a6fc8753d13053282e83dd282df29def41ed67199986ffb4c720f9568fc624b79c20e6a366384a2579828c74c8b804e33d91164e
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/langs/zh.js
- Size
  
  2KB
- MD5
  
  9aee1c58308d803b653852566c25564d
- SHA1
  
  453e7c34ae469f34b6ffe15f6600eee02f1d4507
- SHA256
  
  269511f789bbc9a620b1bf3cddea9e3c49bfc38ff5ade0bd20ada583d0ad69fb
- SHA512
  
  8e6a0f372bec0bd67a153b555a32c429c5d6c3bd7f73bce13f40387357d1db18710b309be2385ba381cfaa5255fd8b9317b8a53b6a84594ce6d8dea885236c3e
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/langs/zh_cn.js
- Size
  
  2KB
- MD5
  
  cb32ffdf35f36f4ff50cdf0409e34dae
- SHA1
  
  3a5f26df8a0f599b4e1a27daf34942c7ae588f4a
- SHA256
  
  9e61f3b97de8a84ac4cd360a759e620550fd772a7ae383c4eb0ac8ae22abef3b
- SHA512
  
  b19ff475f2dfeaa2c0fdb95b928753670ca4edfd4316d8852c8b7a9d558dd2ea6c5c04e12ceb6a8037c3a47312bc14459134cf7ba548241fd15853f7a1ed3bc8
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/plugins/advimage/editor_plugin.js
- Size
  
  1KB
- MD5
  
  e42c7973980557ce23ec9164a07ab97d
- SHA1
  
  5cc99f9e5920714e2ddda2e8c8a54038316c567c
- SHA256
  
  0b86b1a29697b242cb79660536ce0a759c9a470e8bd94192a6b28d554538ee99
- SHA512
  
  d532209b867482416b69e1e13147e644b66f405075edd06e4fcd8a4cb2af35fbced3d93ed30dce1435849b75b428e7fa6e02235f40566e972e7ae7cbdea24402
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/plugins/advimage/editor_plugin_src.js
- Size
  
  2KB
- MD5
  
  afe084d130b6ad9c9ebafe612ce5bbe8
- SHA1
  
  2f67f2398db45d63337ae138bd04099b50a1d9dd
- SHA256
  
  355baa25f304cf8888637b5c55ab47ae86332d7c6cbf2cf4c326a5cb0f652439
- SHA512
  
  83570d9d86e82068e8189f941c2d54231241f6b51a2852d55f49b73ca15e71222f9a38016e142417d28f633c4e28878c5e376d18603eed9f0b01e28514b28e3e
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/plugins/advimage/langs/en.js
- Size
  
  274B
- MD5
  
  d12f896eee04cad5d7137f4602ca08e7
- SHA1
  
  703b1e15033d3ce483d9520c35fb72eaf4192186
- SHA256
  
  28134f6f136247addca917fc7356ba7cdb1b95b9371647b39ba6190863e8ebbf
- SHA512
  
  9ee19f295c1ed59a434173aabb12c9dda4a03661916b5874b92f8e99e34da64f2c00d9e69aedadd5d5bd1e3837508a028ae586716581a007f8e9c0e5234b0739
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/plugins/advimage/langs/zh.js
- Size
  
  404B
- MD5
  
  b8600c19d97dcb9a51c1cba185524af4
- SHA1
  
  d1415fbebc609d44023605b0fa100eb031876a2a
- SHA256
  
  cc2ba587dc97062b76318fe76fe0aff77845fdca1724070fb8976fdc203dae54
- SHA512
  
  ce734859343fa1cf0937352e32e2116b68af89f28e130570318840d7826a1d4226fdf1828c61f01345cfad97abbe1b73a4556d947bc12f21e1e687016df7a65c
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/plugins/advimage/langs/zh_cn.js
- Size
  
  546B
- MD5
  
  bfe384fb51134ca00ae90139bd29ba9b
- SHA1
  
  d980155168696dadd52e7b731b25390e22c2d511
- SHA256
  
  87268ad9f2099a2e6ac540b3f3302cba163ef5c782a74f0ab7ad631c50d9bb46
- SHA512
  
  ced8c2f08f19a0b3950525542ed2acbd79ec600a916f680c69294668d57ac2210292ae2e2e19a039fba1fb5d9fce025df3d3c9eb84c232706f8ec37015cbb6ff
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  鸿天全站HUGESKY CMS V7.0.1.1/upload/admin/plugins/advlink/editor_plugin.js
- Size
  
  462B
- MD5
  
  b52e2f2ce339ef74923cf2756cb92d17
- SHA1
  
  ef3d8047ef197f41b256b6f45da0820415ed3198
- SHA256
  
  3e395a582ffb23fae255ce0c993e4d1729d3701e56f8948143120cde8cd6bb4f
- SHA512
  
  3bd95ec36c55027334a3ff38f817bfc3c77ec3de39b2d6589d81dc686c7c7fc6db894a59fd0d5f747455a7e982b89c8c9bcb72ea40d0c20858c53a6ad6f2250a
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32