eb0b91454454fb0d10bce34bed3cf745c54a05abdfc60552150d8f5832bf22db | Triage

Sharing

General

Target

e15d405f66f49e8ada2af3b43db7c245_JaffaCakes118
Size

2.9MB
Sample

240915-a2h2hawepq
MD5

e15d405f66f49e8ada2af3b43db7c245
SHA1

b6e21c18568df39fdaccf645e8158c6a236237be
SHA256

eb0b91454454fb0d10bce34bed3cf745c54a05abdfc60552150d8f5832bf22db
SHA512

b06cf7e09038383567710fef14fde10718d4bd64632515a1da9c6ca5a6e6f44808fcbebc2daf7af0d78a36f42450c0ff2603bc9fff0c87e0e767037dc4fd9a86
SSDEEP

49152:QevQfDkjU+M0vghu8qGx4Sms/Tmra7Vx5AwEGTQmE9bLInlnJn2bk2m1Z79cjlVt:Qevqf0vghuAxdfSo5xEgQm+bLIndOkVG

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  adminbiz/editbizinfo.php
- Size
  
  2KB
- MD5
  
  0b64feade82c4057bc088dd4ce0d4f1f
- SHA1
  
  23b68f4a64525116960110a68931a69d83d94678
- SHA256
  
  b1de0a0d9a4154fd7fcc02a310cbc7a83f29443a0103942396e06b1ab1339eb8
- SHA512
  
  e071db0c181b91e693a9b8dd90540ff57ccc79b4b8c4e114eacc83402a8d2d2a8eabe8812d3c175f48fd9b077e52d3eae6950a50fdd860a835be05609091715c
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  adminbiz/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral3 behavioral4
- Target
  
  ajax/bizcate.php
- Size
  
  1KB
- MD5
  
  8af884399472c33011e2daa603f0e585
- SHA1
  
  1cc00700bbda2a51b120fe7af88287e72d9a7de2
- SHA256
  
  8a91c833e3644502e5f116d1fa3d39d456fbf9b51b17f8a5d478c78c575febc7
- SHA512
  
  5a7a9b3d6015c31732e6f36081c9bd59f2766833b63e27fc35e3ddefcd67d89f6d3123856b338c11262b58292df3cce8d08e903fcce106ec31490a73fb40c8d3
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  api/js_dp.php
- Size
  
  1KB
- MD5
  
  893c69e2f4c46ce4ef85f31723258f86
- SHA1
  
  d637a9e29d0d241afdb48e7f722e8732c54552ba
- SHA256
  
  39b68ed5d365bb9c07456c303cb915ed2dbc4d5e0fa4ae3a46dee8827e2c4b4c
- SHA512
  
  1ce87d1fa9d827bd693476a1404be8f8f4117bb5c1edb36d398f1335fbd84c0a1ee639e703dcee884b33405612f7653efbaa1cf3b674dc6c840b413e1be18125
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  bizadmin/savebizinfo.php
- Size
  
  2KB
- MD5
  
  fd58037bfa3d1bddf61e903060df4911
- SHA1
  
  1248d31f6608ad95dece21aeebf919d350f7a48e
- SHA256
  
  82f5df75df4cc9d2bdcadb4c730a86023ea148f14db9bef31f93df7969efd91a
- SHA512
  
  381c23b1e5201a5ccc3bf22bbed8308a2878a2f08f8e410aa5af202ee57460f489b033afc9adad51dccffed104c24fca463942b09398138b62bae2b55eaca7b7
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  cms/search.php
- Size
  
  6KB
- MD5
  
  e2598159f19c3766fc8698d0daef5a6c
- SHA1
  
  751bf6cf1559de7cf1d52f4b0a23306a04ae6e79
- SHA256
  
  a7d7bb1c2fc702edf99b71576d5f84da9d9541149aa4ac66a44547d168aedb80
- SHA512
  
  c4477e5e077edb1318e86bc562f8b1f684e6f5da40cda24a3376dd892f2ad6aafad722a22bae8f138aa97ba9a16d005d40df537c64c73b22e3cf2255ef1b9a97
- SSDEEP
  
  96:5WU/CdDhWuU5lq6iP6Dq6mP6jdD4maIFdiNfwI1dxfwt3/9fA3KAAK7H/tuSHPfN:w58aPxPxmOokotoLDHdisP
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  flei/search.php
- Size
  
  7KB
- MD5
  
  0ce57b18efda0286118ea1a3e4d63744
- SHA1
  
  70ec3b70d3e85e0efe7c344d434895b075e9c068
- SHA256
  
  286a95d45a16a705b4dceb798edb1b4689271dba4a61900810e05f8670f03ed2
- SHA512
  
  e4992f9c4ac94ca5445905db277208190cc54146278b9d25a2a96febb1c4701b7be370170496abc4903812eb16fea0d8aa33d436cd598a25a3f446644cc0bdd9
- SSDEEP
  
  96:5WU/CiCGOWuU5ljLlm2/y9wjLlm2/6ArTWUjyzPVGZjyzAGd3/9fA3KAAK7H/tu9:iB8pLlxLlWArqIyyy9oLDHbnsn8ihP
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  flei/viewflinfo.php
- Size
  
  3KB
- MD5
  
  54ec2f55670926679c14412b67b9ba75
- SHA1
  
  056bd6eddc6f2d751f61933fa4a8fb53bf8d5d69
- SHA256
  
  ccf292ef595d775e0191686dfe43a247152f5c3a120bea51b4b37a24be52173d
- SHA512
  
  5b7cf11f6d888b68c483a5da184b30dee2d2d37c59e43225f953ead5d54721b5a4146b7c22944f1bd17921e0eaf9c137a7bd50e747342dbfed0540475266590f
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  images/35/XM35com.js
- Size
  
  1KB
- MD5
  
  400f9c61eef5f06331de118370850bf2
- SHA1
  
  6b3d2a5baab0b3497f2d436bfd7e37d0e5bbae02
- SHA256
  
  9669090163be19ff392f35c7e0e58343de71fccb8a17e3c771691c06e44a5228
- SHA512
  
  82223616e10c9b1d74bfedbdb8dddeaa58c83c6251eae9301603f290a7fce0fdb3940e600b564d3b40687cb9d9495786bbf33f292e54ba3abfe822c1cf07e68e
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  images/35/converter.js
- Size
  
  5KB
- MD5
  
  3697783002cd2299baa6ca6d7569b5a9
- SHA1
  
  a8dff78bd67b56916fac5969243285ae00fb3655
- SHA256
  
  541ee8723cae47d6b3a410ff31844204e7ed9c52ba651e42f80c88be54ffb5b3
- SHA512
  
  3b40a72f825b3f92cbe8acacca3853de568393ed4a020c3d47a5ff2b2dbe37f519caa82bb108b5d4ed5d32e1854ff908646707eb882a361b3b782343b8ce74b5
- SSDEEP
  
  96:oPYLiQbzdad2jBgaVDYLicbflWLiIbrAAiDHkGzxIRKLiNbCiFpBSkgcLiObFD2k:xLiQbzdaMBgauLicbfALiIbrA1lLiNb9
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  images/35/core.js
- Size
  
  14KB
- MD5
  
  74e2b44cb1f9fa976abe3868638ba41f
- SHA1
  
  ca849e6209cb8474d04e62a7556125e7a888d601
- SHA256
  
  9f13500d2115516f4bd64934c15b079eae3b9504febf76c73be2c6aeb0e25493
- SHA512
  
  6e7fe2e01336b36b289758385d64208c40831fb3c58c604d8cd11ff86c038fb6b5fed6386e3a8d998b99542a0c3d468663902db90978e1347bbee08e1fd344dd
- SSDEEP
  
  192:makOG8/4xlCCG3c+rCPNNm+dL5S3pjW4PqLICbfxUoSy/LQ7jsM0oaRNULYWFu53:H94XTGHiNNPuptYfKJPPLOQkW6A+X7
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  images/35/counter.js
- Size
  
  775B
- MD5
  
  e8816b6487184b4f00366e6c5151d9fb
- SHA1
  
  df32989bd5b785d2c4a260a22ab4fd22ccdab49d
- SHA256
  
  4502e3b169d0b1392eea262369eed9c55e7d17e46fac34c711892cb813335061
- SHA512
  
  fbc749c1ea92d61d0b78a055088e34e5c9d17416e4bf61c4685945a32316fb9c6a6451bf32aec87c69c3316a5daaffa4e84ef2c2cdea0f23f6655512c2c956e0
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  images/35/prototype.js
- Size
  
  3KB
- MD5
  
  7ae77250af1730fcd131d7b3caffce94
- SHA1
  
  58c7b1cfd79dd5472f0fbb60ba4cf77afbe45db7
- SHA256
  
  d56a410fb4c0777040386bf7a8c7caf2bad4fa4e2afdbd6c80771d619b34d2ba
- SHA512
  
  66f0789a96cca690d3239bb5ca22a6506d075a17051dc0341f946363c486ba8d970322e8eca030ce771f0f62c1f1251e6a88a02c509674984129310e8d402559
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  images/35/stat.htm
- Size
  
  2KB
- MD5
  
  34ed3020cbfa4ae6e35d61272014aa22
- SHA1
  
  e4f7a966f5e4c158ee7d2c8ca6c782f94d128c38
- SHA256
  
  7710f085a49a8b9b45bb78205efd02e8baadef6ab16f68f55d5d4a1547511aaf
- SHA512
  
  0d48f5705fa6be6ed59410f8f5dd7e018506b71ae54e90918020d7f93f66c6ff25b4f4386fb01b0e1cf84048d4e9586420c48bd3b528b144fdc29ce9d5bb907d
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  images/35/stat_002.htm
- Size
  
  13B
- MD5
  
  135b77d4f8c869307e2bbc0b67514e32
- SHA1
  
  e2be50b0a4e72758ef2605b569bb5ad5ded9867e
- SHA256
  
  0200f63b01a4cf357181a9bb2a74cfc499a21b1f0d3b220a3d3ec5695fe0f0b9
- SHA512
  
  0a7902a3a7217f4676a229e4028b4d15b4e27ca41d09f713c0aedc065ecaf6e03086cbab1a5ce5cfb78ac5d2aed309319478e6e31f059ef1289486e59131c441
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  images/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32