064823dbff7338223ec6b6217ee67365dbc73dec68d52f62c621db15bea94595 | Triage

Sharing

General

Target

d5858f8630e312f3c42bfb3b29f82f3f_JaffaCakes118
Size

7.6MB
Sample

240909-c2l49szfqh
MD5

d5858f8630e312f3c42bfb3b29f82f3f
SHA1

c5f9906dc8d6ad883ff4cc8ffe02f946f0c779d9
SHA256

064823dbff7338223ec6b6217ee67365dbc73dec68d52f62c621db15bea94595
SHA512

f0edd72891e055e359218e40e0994241513ca9ece13f809f5bf3427a090f2ab951bed133ea2ea71bdf8c8c12527cfb055e2e617d694a242c60f81cbd1e6b93aa
SSDEEP

196608:qcnGlBXDBW/YqqcgWPI3GbJ/0EhJzyTUmRAkQMT8FgeEUNgGa:qcn4BXDBWAqvgWPtbF0ES1R3QY8mn0ba

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  Common/common_function.php
- Size
  
  10KB
- MD5
  
  ef9ae1065a6a5e2c21b87f90a8a26221
- SHA1
  
  74201dfb8c4d586ad8a1b96bf1f7fb8941c56359
- SHA256
  
  9e0494e398a0e0372b175638d211efe56faccc4328d17fe7eb369ee74fbd226f
- SHA512
  
  385b1f09d74f3afaa533885c72e4a8bcec52dedb511d96f7fb078e49579c863c921f8e9f358b89ce4b58c6b22a1f651abf24916f30538937d110b914119741bb
- SSDEEP
  
  192:l4W4OMIIv1XgXQ4QQZNlAGWQx/sug5gpu9UiiimnIum:l4/BIIv1XgTZtxy+mJiizj
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  Common/extend.php
- Size
  
  28KB
- MD5
  
  2f474c0d4f92c33b9e9e207d38a8a915
- SHA1
  
  a2e358d4da2787b58ac3c3eb6522232e637c694f
- SHA256
  
  e170869e600afedd75e2d64ea094dfd742745fd829d0297bc18f4b41d2cd0552
- SHA512
  
  bbbd1bf57a67546ed0efc7beeb082be0d8710d7f2d25fe1b721225f5566bbe9ab6d14331dbcd59191d66c1439f6c4796367b7432e0dba0ee35f543028fbf1b36
- SSDEEP
  
  768:15ducSwSGewARi/bAm3Q0Ul48NkaZTY9FveP:hPTA2bA7l48NzyNeP
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Lib/cache.class.php
- Size
  
  4KB
- MD5
  
  c95f4d3e6aa6342160e14d4eb3ac1a93
- SHA1
  
  24fa651ffd8b555b949b8c85813e54e5bf6e0b2e
- SHA256
  
  a0e1aa1181192c509490a340c34719a7ab87c55d8d7a87d0bdc3701fb2f81b5b
- SHA512
  
  4e2a6a36daee6c841c457118dc209df9df00bd20c60d82e27956c2e3e3308c03fbb3a8922ada39cefc70537e8f0c82e92ce18d1ca19041eec5266fec584d633e
- SSDEEP
  
  48:sIYGY5IgQsgRz+n927b+jjgMI4NSreGpspqzsT33j82HdOV0nZV8orDMi32XdASX:AQxz+n9iqjpI4ENoHjfHdOVu/nD54eSX
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  Lib/cache/class_memcache.php
- Size
  
  744B
- MD5
  
  7c9731aec5acf282d1c4b60cc87fd1f3
- SHA1
  
  5a43c13c0046fe242507019938bdd402158ed54b
- SHA256
  
  01e3f7a0d6d666dad783e65fe8e31b9d0158a8c89c9d0454c47ae5e7657f4f91
- SHA512
  
  929e8d68c745ae30019c8e7da8699327946b9da616a37322cf66ec11f663a0128e6088c8606f504f99cf3e74b9a370a2b389666b0613dc24c3db61da7f2748c7
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Lib/db_mysql.class.php
- Size
  
  9KB
- MD5
  
  99245767098d5b6363b8224cf6f23670
- SHA1
  
  4b1d19ac0b56b922cab9ba48d0991db98c2404a7
- SHA256
  
  16c6a465927040b9ce90ce79b40b91cef8a9828a62b2c0c318f57d930d4e3f26
- SHA512
  
  dc793661597cf4d4a9b4ff4f69b8e8362e29fd10dc15a6c8db00c3d235cc7437a41736face353e7082d5145ee7d5932d6c16ce6cf113f2192ff6d560cd3ec0b9
- SSDEEP
  
  192:jULfC4yENQCJpwhMjPFjTh1ecMwu1X2p5:4LK4SsEM7RTGE5
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  Lib/get.class.php
- Size
  
  5KB
- MD5
  
  62ffcf7cb4e974b82796f73b3f403d63
- SHA1
  
  0804548955ed1e11b68dfd519d2e80151629eec1
- SHA256
  
  8b48985f8f65ee71005efff34b958a076f74cc9e80c9273b8dcb5fef2f8878e8
- SHA512
  
  36c60ec13ab7bcbe335309ee59ff68c8d000b927f4d4eb66d884d19e1f721bb166225d718e55b529440ec583bc32fcaa8b6dac52a7d4d6c0d822c57a27586e36
- SSDEEP
  
  96:fNQu0l6TklPsh3wLyf3kmGR3kUbnzfDLnOwHB7VbHJhRE0/2Ul/HL/aCo:f6uC6wlPsh3wWGtn36whVBERUJa/
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Public/other/client/client.php
- Size
  
  29KB
- MD5
  
  bb0512e4e4d460705fd09686cfaa0cf7
- SHA1
  
  d3dd63c909f972031b16f6a78f8c394dded20e67
- SHA256
  
  839944817a6bfeea5c13f0b3501573a520d414ec1fcfa79a9dbd20166a9d61ea
- SHA512
  
  fe428f9ff09151223f7813b23e65c5801b4d0530a7fe9933a32b611e3be6a98623202450348f708155bd5306acb0cff1a7158ecef381bd0dc0b1899c0533bef4
- SSDEEP
  
  768:YfTPztAthPmHMV8WnS379bm2lQadKWmt4xya+isdwYxj1R:YfTmPPwMV8WSL9/lHdfmt4xcdwYxjP
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Public/other/client/control/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Public/other/client/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  Public/other/client/lib/db.class.php
- Size
  
  4KB
- MD5
  
  663350eebb619031c22936940489b176
- SHA1
  
  d10ac4536c57f22a201b677a25e92e517d2bd476
- SHA256
  
  49ec0b05ae315ab2b7efba4f9e36173f351f17cf62ab566ea6e3b1b82b8c3edb
- SHA512
  
  7aca0ff0dc89ab673293e9f4b9ff6ea0dec5b053e2b2b0abb7b0f508804024a1f61bc2c4bc4393661cafd3aa014dc99890615c0c519ca00bfb35c428dc37d084
- SSDEEP
  
  96:8nPXPfafNDSINdnibjMwkMJ9kl+Q+bXUHY5crZTrCrgCvgQbi8f5:g/ESINuzVehv85
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Public/other/client/lib/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Public/other/client/lib/uccode.class.php
- Size
  
  4KB
- MD5
  
  6a2c42cb26c9d026c8a6d0ea5a159387
- SHA1
  
  505896e397859bce40c73cf94356aafa7a5d2590
- SHA256
  
  b5eea9a796ac83514e57be63f59dde2e2866dc548c8155dc7b9045684e47fce3
- SHA512
  
  3b562efa4daf4886714a6dc56283a4faaf60ff4912a482ae061d7f5a648411a893b418fa0686df7f737cc2290c76db09d2c85eb1f56f7ed06ca7d8e78e58ef19
- SSDEEP
  
  96:8ciF67yi+k/Gi0fiGo22RaXhtgVG52vS+omKE9lWdar778ba+pTOK0egd3:yVpjqGd2RQtgVG5AvP17g++pTs33
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Public/other/client/lib/xml.class.php
- Size
  
  2KB
- MD5
  
  2637a79f961ac5cce79ebe20e527a1bc
- SHA1
  
  7c9080b3934339458f279afa8c7182df03b6038a
- SHA256
  
  a6eaa10b17ec40c9bcfafe218033c6740521f24e160f33a42d78efb35b271a81
- SHA512
  
  6b6727493a72bc838f61b00bc559fd96261b90f237f375e889a6daca1077b0c233230cb5bcff5015b2499970d444808ce3fa2b5926020f481cc802928988a162
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Public/other/client/model/app.php
- Size
  
  783B
- MD5
  
  6e8835546304a66308d17e574034fd02
- SHA1
  
  38eaec02145698486cb4553196dc6715c4941150
- SHA256
  
  8635691af3d8cd22043061cf7eb600613a4114ec51b341255ef2f5776008fae5
- SHA512
  
  a87e560530eb376d9fe794ee45cfa0867ae888575bf9c905c302b70aaa5cfcd7b1351df5e6a380c33b0e04a15677c39a75dce5f6d3bd23d001d80099a0ccde12
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Public/other/client/model/base.php
- Size
  
  7KB
- MD5
  
  84ef1353871e91c0128cc07223b5c762
- SHA1
  
  6099c17735cea37be35d47eff730f5b51360bc91
- SHA256
  
  32abbfbae021b8922707d2708a02cec0ef259787e7e45abf66d2c70ba3295681
- SHA512
  
  0f9672b703882c628eb1b9a9b5fc1f66bb5e82ae28f4a4848c1bea4753d45fdea6510eb1168965a7c1875dcb1b1e95b203a19e9089d2df42df02ed49df7a8d96
- SSDEEP
  
  96:8nkgWmujwbxtIWW3L7puqTilnW15VzMySitzueh7VU6wncYmVl1/BQ6cQlGDpU3N:4vWmxNt5QM2aW15+ItjYSBz063N
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Public/other/client/model/cache.php
- Size
  
  2KB
- MD5
  
  4486c8d57f2ae7d4f9456120b8127df7
- SHA1
  
  67ed4db2990e86d37b7f1a3d875400d0198043fd
- SHA256
  
  9b9c64734e5d57430fd4f08c5860190fea5020420631ee8847f38091981d3e1b
- SHA512
  
  40dca571522825c8d65dcfd7c4d0369f4aa60d7efac3b589d9478fef62b070712357812d5afc9da15be188d807b8fcc72ba484e6d79f613e27e7c103325f1a4a
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32