44cdca2c043b13f7e0eb8d07b1cfd138fd8e22b7aa9b5ef0b837581fd898794d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d229cb2d84856a49bbb3b38156be263_JaffaCakes118
Size

634KB
Sample

241009-h7h8fstckj
MD5

2d229cb2d84856a49bbb3b38156be263
SHA1

390987676ca7f361b95bd5894cf1d57fc35665dd
SHA256

44cdca2c043b13f7e0eb8d07b1cfd138fd8e22b7aa9b5ef0b837581fd898794d
SHA512

9b1ceb39effd0215c1468324307863716401fd95dd0a8b92ecbe4dc8f329d2e13cd7efdf20338a88842ee2b5d8920cd2f629ef33ed1b05bd7cc96c9dd0fa0aba
SSDEEP

12288:17t5Fknxaha9/1XsRB6QvXRFIJGzVwSMKmy2B8s93QC62x5OX6Q:ltLkxam9XifI6VOy2BH3p6aMR

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  Confirmation/signin/RZT/FuLLz_YS.html
- Size
  
  2KB
- MD5
  
  a2d3e6e01a7e8c6244036db120d8e556
- SHA1
  
  3f4a235c11d6b61f5895f7e02607949658ddaf3e
- SHA256
  
  bb5ae8a258a25f5fc437b64ec3eab423b5d4b15de0240b9a1df37a412e579180
- SHA512
  
  c3650eef63153f321507f1abc9d0ecb68850a11a1ac24af5c7dad3ff73caa9208cec2c264f1124f3faf4c66ac05d7e0167e55da50b0a13ef800a03111bdafb0b
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Confirmation/signin/YASS_DARK_WEB/YSASSETS/js/jquery.maskedinput.js
- Size
  
  10KB
- MD5
  
  c1c1a4701e27d332704247e732795f4b
- SHA1
  
  9616a8baa75e57a4315342b39181015fc69584fa
- SHA256
  
  c75ef4ed711014b31fe4cc01e7b96ee7723d2fe8b77c7158f45a885f1a15d4ad
- SHA512
  
  997db54776e9d60e85210c6fd2004a32dc5be8b56a56e80e4df6cbeb6dc6eba1e14a7261717963a6c8cdbc5bde99e6c5be1bab3136f2cacd11e48a384dcda2b4
- SSDEEP
  
  96:yiRRS3DZo/zdr5Q29ONKjGOBKzwPgDMg8RHYTke8KSO7JPoxg4OOaYjrdofMHXuV:U3OBtn9HKOEzQ+TkxAoxMuV0
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Confirmation/signin/YASS_DARK_WEB/YSASSETS/js/modernizr-2.js
- Size
  
  3KB
- MD5
  
  a635a55ddb6339a3d0d01c641f670753
- SHA1
  
  a6dee4a1df6c51b82ce2e67323514e7de4e165d4
- SHA256
  
  a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
- SHA512
  
  2562ca35be37bfe0b984ec288e23678bc97ba7a881764044e65914ea013742a5310a5c12839cb8a501a464791bc67868fe6a02ae149df9329e40562569eba42d
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  Confirmation/signin/YASS_DARK_WEB/YSASSETS/js/ys_appli.js
- Size
  
  528KB
- MD5
  
  f19c6a1bffe06007723a7d576672cbb4
- SHA1
  
  a0895c2544a2e14092eaa3e058a21a55df5169ec
- SHA256
  
  96a8c02dd0bf6836178bc1886c11ecbc6be5925bd950130440c0c7aad628f69a
- SHA512
  
  4cbec6780f075f7289f3dc22401ef327e93e7b8800afac2ac15db3428066be984a85b8a0587d4b66cd6bef00224d50ea47e00fe3756f0dc15f06e41aca4ac3af
- SSDEEP
  
  6144:vGPgbEZ2epx5Sl95mXqxAfhVThWrbxeKLJeatZ+l:l+2a8lnmaWTQxBJ+l
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Confirmation/signin/YASS_DARK_WEB/YSASSETS/js/ys_bootstrap.js
- Size
  
  62KB
- MD5
  
  edbd7f53fc7ecdfa3ab0f217e52cf141
- SHA1
  
  1071fc2071b5c35d1c5e68d6fcf26d313ced984f
- SHA256
  
  b0eb4632ccc36ee0f53aa0faa232b21a75c41d985069e78edebe9c8637714bee
- SHA512
  
  94e62934080d446f9e0525fdfdb21c26c59ca072bc809f8941a1d21554f75768539bfe26a96485852067a215dc2a5e871196739337c2a926bb95bf2d53fd3210
- SSDEEP
  
  1536:fHrW8VnF/we+KUqo2jEav5+y5Qs3GcM0cPMvn+SM/:vr8TqJ4av5UZ0cd
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  Confirmation/signin/YASS_DARK_WEB/YSASSETS/js/ys_dowira_jquery.js
- Size
  
  93KB
- MD5
  
  e56f6eb4e8e75f159a5a4d8c76092423
- SHA1
  
  935c99c47edc30c0388cc521d25854195e3ad736
- SHA256
  
  e8fbccfcac07bb996f74fd19e77f601372a374b3f756a2d8389e931271945c2a
- SHA512
  
  51a7a0bef389490224eda3e6ad2828be1934f0560b715c4e3e15b1f6207f810a932d1d41c0fe785c24caf7d33db01ad67290126ec0053399aed5b04923f201be
- SSDEEP
  
  1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmY:R+41ZqLTW8xRrqSb8qGH77da98Hrf
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Confirmation/signin/YASS_DARK_WEB/YSASSETS/js/ys_dowira_plugins.js
- Size
  
  54KB
- MD5
  
  fd492346b6af83f8b6e2d37f481ee11a
- SHA1
  
  2da277952e354fc1682e4f68f458bf2264eeecb8
- SHA256
  
  607530a98b7c468dd0734a70b6e1d3d1decf1d2e5f949cae492b98f43ee74949
- SHA512
  
  db84cfd6500bd192fa1caaba54d111e5c4f2aaa95671936fa4caa94d2a40f9a598e539c1c73684010c0f61f6b9ad2eb5dcf34d6eba2df4676971f4f4deaea4fd
- SSDEEP
  
  1536:8CVduPiiEtI/VrE5K//I9Of/6cTr4VSL84kI9YOPmG3pQHugqjeH0CVzPkOoV:TV2iiENKIK6ckSo4kCeuZSH3VzPkOoV
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Confirmation/signin/YASS_DARK_WEB/YSASSETS/js/ys_pa.js
- Size
  
  28KB
- MD5
  
  c4d7e5655d32e5b3356b83b8e9995aae
- SHA1
  
  85c094e513d7192d5e700742ec30610565fe02d2
- SHA256
  
  efbab891026f391a18fabc61efd3aa69327449d51ca75dbbe6a725e11f8e6289
- SHA512
  
  28ef3a1bd8a438331ae5810dcb0594019b5029bdd4b171667ea3ef4feba4b13db007676a4e9de5692182be6d1bdb4432744e7041e403f7271f5f9fe8a77ef375
- SSDEEP
  
  768:FcDKcg/l/dOiqFFYQZTxJKdmpkK3H0QkqYHI3GkqMTw6JuCb6HoYzYYH41HK0DmE:FcDEdOiyFYQZTxJKdmpkK3H0QkqYHI3L
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Confirmation/signin/YASS_DARK_WEB/YSASSETS/js/ys_ppl_647892.js
- Size
  
  61KB
- MD5
  
  5eafb5dd020c3cce509600928e6e322b
- SHA1
  
  97710487ded54605d1e0a6df4673dbecad5c7892
- SHA256
  
  f05c992487bb71e5f2f603728254ddce12b9f8c051501b9b3631c2c2e421ea0d
- SHA512
  
  c27310e72ce1f4e14b1ea3b6fcd89ee1b2aeee945995a2a5282722d9ac146e342960bddabd52d12ae1d8a0a12489f5b0315dd324c6307cb20bb9d644025f1623
- SSDEEP
  
  1536:AbWlsyGU6XnpRuDGNGdpVB/Xqob7RsV9f:dCy4moGdpV5aoQ5
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Confirmation/signin/YASS_DARK_WEB/accessaccount.php
- Size
  
  23KB
- MD5
  
  19c42a04253e9a3621c95419c2b1f4bf
- SHA1
  
  54dc4482cb3157d7df96ee38047bae24b8f73bfc
- SHA256
  
  31652f01942cf21e876e659767243384a6e811b2a0e3f0631806049ef1ca7cdc
- SHA512
  
  ab8579ae2a6280bf6ee7c9c5da0b380ce3faf78ece18e7ded614d3a7e2dc8a81b6f9ded13ea5fb56a7badbc50d225419df50cde00bfd424e2daa9ca9fc27d240
- SSDEEP
  
  384:LZEf/ujjwchmU97LvREmtpMtsKUTM8DExyENOwgEsbmG86:ef/uj0chmU93REmcGKmM8DEYEgwg9mGD
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Confirmation/signin/YASS_DARK_WEB/css/jquery.filer-icons/jquery-filer-preview.html
- Size
  
  106KB
- MD5
  
  2d0cc4c12f9e3121066dec44d3afd3eb
- SHA1
  
  6971d81a3ccb5c8a3cf152403416a3466df2e06c
- SHA256
  
  f35332f017f1fc0ae52be50dce90e359f931c071265cc026d256d7fd4767b37e
- SHA512
  
  bfc6a2e1d8da221bb894c937e1b9ce5c4e9caac5554c817719ddc308d0423bf20ff3a055d7a9623daa97f4d69ff9067b94383eab7cb102f520165d6d337f19f8
- SSDEEP
  
  768:VsF79++Nqvu0LEsG4ITy+yEyiy2y/ymy5yPyeyla:iNBqmME14ITy+yEyiy2y/ymy5yPyeyla
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Confirmation/signin/YASS_DARK_WEB/identityauth.php
- Size
  
  26KB
- MD5
  
  af95ad3401bfcb44066917dddeaec52f
- SHA1
  
  87c6542f26b85046dcb729c295d0cfde1b4180b0
- SHA256
  
  0c43809be0fcc52abaf9bae23398e22aa80272378d31df2362e3c71fa64e640b
- SHA512
  
  a067cb937010dc283665433c2265e41a5364cfd3640f5200cd9ac6f217bf45b69d403dccd6a876696f38f9ba400880045c4621c752129385c501f490c81842e3
- SSDEEP
  
  384:L4Cf/ujjwchmU97LvREmtpMt1yoGvfDExyE2iwsEsbmxgCAungLfLoi6:tf/uj0chmU93REmcXyDvfDEYE5ws9mP
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Confirmation/signin/YASS_DARK_WEB/js/custom.js
- Size
  
  5KB
- MD5
  
  ce29950d78d02f144ac013aec641cca1
- SHA1
  
  16dd3324c682cf3e448302dd9e7c67dced958704
- SHA256
  
  d810214b104176f7b428b5c1f635e2131b9cbc753d24e1ba7d06644d891178c7
- SHA512
  
  200096c3d739b43b27f484bf8f7f10bb404df4977d80c1d8e81b4673fecd3d3baff036cf3ce1729289f580205a852ed3374d6b20b35a9b96858a7887b9640bd0
- SSDEEP
  
  96:Dk+iKR0N5SXs9tQP41WvZ05zFT7FLmz41AxMUK613F0a54WRx/X4OYMnBYIQWkEC:DJ0N5SXs9+P41WvZ05zFFmz41sGa54W8
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Confirmation/signin/YASS_DARK_WEB/js/jquery.filer.min.js
- Size
  
  22KB
- MD5
  
  55a8bbfdbaf339d95fa73e2b4f92d500
- SHA1
  
  7ec1d24807957f5657cac02555cc0a0120db6acb
- SHA256
  
  79bdb050a1d6115b10318e5da9ad841367952a259c265868ab190c1c0bd9597a
- SHA512
  
  50dd016c02dd3998a5755d0e4040e460dffc141eb0bb566968dd60e4d9232571652fc9102caf1d5fdc52d2b545f8b535a8242c3b6a5490130f06456a9652b449
- SSDEEP
  
  384:hPMJ8ocEnjh4lKe1o+M9KqlbkJTEVC4016wjJAxwOnIhNF6okWAP/x0:hPMJ81gemwJTERijbOn64h3x0
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Confirmation/signin/YASS_DARK_WEB/loginauth.php
- Size
  
  6KB
- MD5
  
  b51d48d5fe8db6abdc67405e364f48a3
- SHA1
  
  3d8b22d7f22d4f91237901a7db2e9ea55046d3d4
- SHA256
  
  6d9b56448be56204b155f6ab931a8aa96550c8364350c4ed540f9a37a891a268
- SHA512
  
  c428a738a9f992d5d97566c6b535cb0fd5a30516954a7f858ccfdd77b033867b4b704712afbf225ade207615275cdfb2ae037dee079684621d41483a121fc163
- SSDEEP
  
  96:LY0GbVZp3KyHfBQPXRrihUbWlIXByyfH7q+GuL:L4htHfqvxi+TX0kHhL
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Confirmation/signin/YASS_DARK_WEB/myaccount.php
- Size
  
  11KB
- MD5
  
  636f530800541b6eb52e3e76dfd32daa
- SHA1
  
  b56548c7c00090bedbb87fcaf4f520d67b89ed32
- SHA256
  
  92c32704f9474bcb1c6d7d0a361ed8b9a4e0c6fd261ebcabb617038c9a4060ba
- SHA512
  
  f1dbbad49ac3d40f1c15f9372d4afb32d9900640869ae486f4e8778e2e6f7af3e58d679b213dbe211eb2790c97c3fb1cb8f3779dc7dd94caa8fa5ddc3bbd18b0
- SSDEEP
  
  192:dLaAl9BDW9BFzwB5tdowrcpqVIc93dtaKUGei7O4:dr9M9fzCtowrc2Ic93dtaKUFi7p
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32