f295fb0d0156fa68847fb0acfd0888cb4e01147c9f5bfdea8e6606adeef00dcb | Triage

Sharing

General

Target

f06a9160e128623d096f16c25f880f2e_JaffaCakes118
Size

5.0MB
Sample

240921-xavmjsxdrn
MD5

f06a9160e128623d096f16c25f880f2e
SHA1

eb9ce40956d29e55b3c790f83899112447db9381
SHA256

f295fb0d0156fa68847fb0acfd0888cb4e01147c9f5bfdea8e6606adeef00dcb
SHA512

c84ad18421ce44173e0dddd5b6972634ead0137412d25944d5c7dc5eec1b653b561837e34d41dc66e385444baeaafa4540c8b2665c5d75fea50abb2eaa8cdd20
SSDEEP

98304:k0W34aHBoTHFGJczsqFJAd2ByMxhpOwa6u0e21BA6lUZm3phzEmI5wv:9XHFGJnZwsiXL+MAS6m5hzEm9

Score

4^/10

discovery execution

Malware Config

Targets

- Target
  
  PHP搜索引擎20110614bate版/PHP搜索引擎正式版_系统解决方案应用说明.rtf
- Size
  
  3KB
- MD5
  
  5f88c994a1217e889429e4be5669bfc6
- SHA1
  
  e1406cda52f03f3490bd42a696da7c52106078fb
- SHA256
  
  e8c198aa1aecc13e41e5e8a40582b5ee0abc5a3a24775cea1dd5369baa454383
- SHA512
  
  e7387794997070759a308077b6df3e3c9c744c6b57777e7fddb856785b3987e66a61f8cade5ab8c0e941aadf62be82016e3cc14d65b699d686f03cbe6c46b0fc
Score

4^/10

discovery
behavioral1 behavioral2
- Target
  
  PHP搜索引擎20110614bate版/a/about.html
- Size
  
  1KB
- MD5
  
  106a375ffa4778639d86cfbbc354d197
- SHA1
  
  716afe3b62109293c5cfe8fb40b8ee0a19358bc7
- SHA256
  
  1bca375c812648e6c83e8e02172039ca26252a57ac36f466785264c6c4739d26
- SHA512
  
  b27cbbed8dda61bc7747cdf4349d909179caccb2897e8d270ac576c4f1c253daba3aac7c692590fad5712f77efbeb8520006b7d515a61ca89caaaba2c3673579
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  PHP搜索引擎20110614bate版/a/baocuo.html
- Size
  
  2KB
- MD5
  
  35bd09d6b29a80107332a76502506c35
- SHA1
  
  f61312be8ffa6d56ef0af381af394b5a1e695c65
- SHA256
  
  4f4dfcf187c5a1a4ce814aa572e6d9cab05eaf7e710a3559c1ec5b3d1865fd19
- SHA512
  
  324b71592be7e995280cb0936809e30441f80edced4d599bc18c9f7fd95f58cad3debe40d93f550febe991931ec47b62e8d928b445dca195c69d0fa749ca90a2
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  PHP搜索引擎20110614bate版/a/down.html
- Size
  
  1KB
- MD5
  
  bad6927cb38a4cee4f523a32c6105c99
- SHA1
  
  4d93379f9e86e8855222b454c1be214b9c808ad7
- SHA256
  
  78d35197c1baf7293352e487b77c178d2ec9c0aaf35d8e422ec784e0e8daacde
- SHA512
  
  77e9b1607ee20798c273499ea05fceb2d43d7a14d6d7a094fd21bf1a8c72dcacf3b07ad33570011dfc976b68ef2a9dc0a1aa8994df3b1a786854e322d7a6eefb
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  PHP搜索引擎20110614bate版/a/index.html
- Size
  
  11KB
- MD5
  
  d746a6a4664a4df92c87867a9bf7e3d1
- SHA1
  
  22d0a502ab5728d600e47f71f0c05f5c95d12832
- SHA256
  
  3949ea8921153ab0d0d19f9b4b9baeab080aa4c249fe2a9a1b5c181bc026a62c
- SHA512
  
  4aac2704daa1b53cb24d5ae36c3ef9195ca98fea0ea6f88528cb03b274b4242c23853fb0016ae37b784e826c849ebb994873f5b5912fc043a954f131a5408f18
- SSDEEP
  
  192:PS1kbUc30DKUmhgJjydUi2Gt+Urilwrid18S6YAkRN:Por4jhgSUk+lwrtGAC
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  PHP搜索引擎20110614bate版/a/mianze.htm
- Size
  
  3KB
- MD5
  
  5bfee8ed25722574a42fd027e2b3409d
- SHA1
  
  0371f1c7b154c15d837205215c25abc3590f3a28
- SHA256
  
  ecd3fb9943b6771741c1da9d71ccdd634e4af941a315cdd3de8c91b4968877a1
- SHA512
  
  e390a8880ec24b7bec64e2248db2538213b8179c45a23dcdc9a26b3f735475df4ef0d2053df1a09b9683c7edeecc59b786243f121514d458183f017ef4a61a11
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  PHP搜索引擎20110614bate版/a/mianze.html
- Size
  
  3KB
- MD5
  
  5bfee8ed25722574a42fd027e2b3409d
- SHA1
  
  0371f1c7b154c15d837205215c25abc3590f3a28
- SHA256
  
  ecd3fb9943b6771741c1da9d71ccdd634e4af941a315cdd3de8c91b4968877a1
- SHA512
  
  e390a8880ec24b7bec64e2248db2538213b8179c45a23dcdc9a26b3f735475df4ef0d2053df1a09b9683c7edeecc59b786243f121514d458183f017ef4a61a11
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  PHP搜索引擎20110614bate版/a/search.html
- Size
  
  1KB
- MD5
  
  c981086534d5982c03619267707b49ce
- SHA1
  
  ed53377ba8b88c29ce6a1f9ab284004c836fd7c4
- SHA256
  
  827d0d8d192b59dc6c52e62fc377b2d73fa57b7307b3da04c5cd246e54abac99
- SHA512
  
  830148da7eb586167bd04f52805cba0811763337a0af7acb0bba7c5ec9a30cdf615f002a89b1f34a715277f873ff4ed7122ab66db280d54b9956f74bfc7007a3
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  PHP搜索引擎20110614bate版/a/site.html
- Size
  
  1KB
- MD5
  
  49260fcdac1645ba119d8160a84ce37c
- SHA1
  
  61d760872f86d212797d0e0d5dc50638fd720815
- SHA256
  
  d0b6b1752b99bb6b61d4f638643baff27011586b83f872d1d1b71990dce3252b
- SHA512
  
  939b30aeea579c9f3a2f75f280c225d1e06cb8cffa1254ad3c2eb39e81d726be1bd2e1ffcc64789540d0f8cc82e43f38fb2008d98176b0cfc25d2d7d5137aab7
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  PHP搜索引擎20110614bate版/a/soupet.html
- Size
  
  1KB
- MD5
  
  a4788397accd79007b8e81a71e4fbee8
- SHA1
  
  657d6cf5f483a727a922f6876a1237780eaaf676
- SHA256
  
  41fcd10d7fe2b97fa350adbc44fdc864cabcc091f68e6f65e84a39e50a6f215a
- SHA512
  
  6eaa280c353933c127a722674537babc7ce7ee636315eac38c54accf06fe9fecb94ed0abfbf76fb9ca9bd192db998b5953d2aac98fa785ae2f00e7cbf4ad8592
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  PHP搜索引擎20110614bate版/a/soupet_net_phpv1.0.html
- Size
  
  1KB
- MD5
  
  30f826762a927dc5ac99db765225d624
- SHA1
  
  4be9456caa2505a31011ec0e3afb1b6a9546d2b3
- SHA256
  
  abbf6ff5ac87438a9d044f9ae2fd17758f665927591fc92055f222f94794f87b
- SHA512
  
  356095efb9e720d143abbfb4a3ed83381dc97bb56a16a7203e0f96d625e302f200416979f4141c8599274e6381e77a18b32ed091e45d15f185f09cc917ef338b
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  PHP搜索引擎20110614bate版/a/tg.html
- Size
  
  1KB
- MD5
  
  a294f6372ee6fe6cc656156a83e06d36
- SHA1
  
  ea6c5ab69dafb07924e2cbe56fa191a1a5f87d05
- SHA256
  
  92fa9fe3fad71c5ddee858eb6ebad5e118cd47291ebee99bc9fb9bd4a791a78b
- SHA512
  
  311cc1cddff8e9abc56a376c2cc95e3329e24815b01882fc2836f275f8626c4e0f0652d7d4790cf3e6b80b9525601c1cc3629cc00ce29e1f8011bfe2fb2d772b
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  PHP搜索引擎20110614bate版/a/tijao.html
- Size
  
  1KB
- MD5
  
  4515c4150540f611ec6c2d1a3e73c024
- SHA1
  
  911972154d03b5da49f32e56a312372f6d17e4f0
- SHA256
  
  885679d0e0e55d9ed8014f2ea1bd261f27ccc30275b36c5975306ed1be5d2f1d
- SHA512
  
  061d9f18f27936c89bbbb9fc27d824b989a020e786562eca8db60331bbc8a36aafc9041e37d9fc85aecbdb5c56a3b4b2301a2b2e1fb280616f8c4977a702488a
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  PHP搜索引擎20110614bate版/a/wap.html
- Size
  
  1KB
- MD5
  
  68e31b871b325cbb539fdacf1b5c791e
- SHA1
  
  d043c88167d835629a5111ce3944b8fc2f1fcffe
- SHA256
  
  a89b65b40637969ce8a8071c095c1e9bd7cb643e062ce642dcc82cd9cf838cfb
- SHA512
  
  291f74d8d2be48f1c6eb6cdcd082d1fb38d933cdb061ed4f12c0c75690e92d615a7332e39212df73b94f50291118891804d864d519c49dda6cc29ca29a47432e
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  PHP搜索引擎20110614bate版/a/youdao.html
- Size
  
  1KB
- MD5
  
  8344ec91d039e20884ec6caa5244de36
- SHA1
  
  7bd3f9bc5cbda74080e259b86d71cc2f6b20a2a1
- SHA256
  
  28d9a2e97fdfc7ce52afa1330a1f969c6a6d0c3b4ec503333c616fb6bfbe02b4
- SHA512
  
  c9c27192bf6d2bc8dc46257270dca699de1589f02867b2cefa6ddb7d071ab75d336062393bf5390c8cc411eea3dca7ebddf8fd2e38ac0d0c21299a71facb0c9b
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  PHP搜索引擎20110614bate版/admin/ChangeDb.php
- Size
  
  2KB
- MD5
  
  b1ff8b83d90f08104f34cbb747a5fe15
- SHA1
  
  6c18147917ab9470b0b836d14336b8e80ec8b441
- SHA256
  
  1c1e19330c8e2e494b455b98dd7bba495e987fa5884ef4fe0d975f347da16d22
- SHA512
  
  9beb0961601e5d1715aee589127c2ce09ffb27b5e9e67aed7f5d3e28597d45401dc296df925291144b9b515d425cfb48fb047b3fddcde82046168822015542b9
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32