General

  • Target

    89a0c0fdf62f801330a316975e5603c0_JaffaCakes118

  • Size

    193KB

  • Sample

    241103-e1qgeaxqbm

  • MD5

    89a0c0fdf62f801330a316975e5603c0

  • SHA1

    80601b343f0c19643bc8ad40dbffb318c7eb36ba

  • SHA256

    ba45e2f2639c4c546ba1a121af421ea89383ade9a5c18123b2739e20e41d4545

  • SHA512

    7a16ccc3d362db2e2add74700a9a9aebcb5e2aeb6b684031e62867b851cbf7b9d2f2fd01303d55044feeed06ea397934bdbd35bebddaa67c7db88679e24786dc

  • SSDEEP

    3072:BQJ4iVOX4okfrocTvpjDvgcYRu9obpczPcaAoolKjD1KWvNFUHdXrDg1j8hnv3uS:BGjOXwXpnORu9lPUo/D5vDUHd7DqQZ

Malware Config

Targets

    • Target

      alert.html

    • Size

      1KB

    • MD5

      7c0b11a89b3495515da8f575c1274ad1

    • SHA1

      b22650b073b7928e01d2881a6ae0c8fc6ec8c4ff

    • SHA256

      e5d8f17cf1ae6bcc7fb8ea1dc761f98e3cbff2f3f81655e1e3fb827ab2d8b93f

    • SHA512

      5cacea6c9fd0d8c87b96aa5cf2c4626e3de4fd845415b1cacba2f2a780db1d3c48cc1ba7122a3ee58e3271692fdc348db2fc36543facf9756b85f32df3aa8e8b

    Score
    3/10
    • Target

      code/advertising.js

    • Size

      6KB

    • MD5

      e501cb1eb2a0fa001efcaa97329bcf5b

    • SHA1

      44166e4793f6c35826f6c6bde39005d8990b6e58

    • SHA256

      0a1cda9d3b57cf8eb4cb67f2bfa15d6f389482bc97f41d5edfe67b8125dec736

    • SHA512

      06339709549b48aff00e25d9acd08ef0ed01426e82d55f51fe27b27669bc20dde635b5c3d43b45e6104f481608f1195f457c03f3029508746bb7816fed685e84

    • SSDEEP

      96:B59pJsh5ZDmf8SSa/4BB3jTYgVyfZuT9A2JwGll4Vo9EUHGfq54LP:XPJ2Zu15uDBaGlBKyGfT

    Score
    3/10
    • Target

      code/alert.js

    • Size

      3KB

    • MD5

      14f0a29a9df2dfa14b4386b504ca59f6

    • SHA1

      48bd0d57b9d85864f6b4e5cf8b96efe1c1a7dded

    • SHA256

      43a5c3aa33465e3b377f6aa12f555e0bf50bdab70c579085f63f7283f20cd6a3

    • SHA512

      6d7ed221cc565925acbe7a2d2005f1cba8e6940c8928044c72934dacaf4983593d755dab715c0ddb372e90a05cf0f0298af4703832efb1a372afad2e5478b60a

    Score
    3/10
    • Target

      code/animation.js

    • Size

      2KB

    • MD5

      e0f61d21a95e570cf4da4c2afe091b7c

    • SHA1

      215b8ce02c7bc60392c3f42b7a2b387388057f3c

    • SHA256

      8159a9f9f6be0d33a0d4d2e1de789254310d58818e8dc73f5c105d720c54f294

    • SHA512

      61a1bc1462ce59128b7da789cc0ecf8eb453aca04fae9dc736f0d96f28d4694ed539e9e086a99c480d1cf493197c4213cd41a6aa4b654cd7cd7c347d51973c03

    Score
    3/10
    • Target

      code/flyout.js

    • Size

      1KB

    • MD5

      fcad27370bcf34b671bd7349fb92c518

    • SHA1

      cff5580c5e67e06067130f7f49f8ba2d22b8a2bd

    • SHA256

      15654b012fd7dd2da78cd0f0faf0810e79ac1eeb17b35a770c06827a71b87cce

    • SHA512

      4896a24a1a1bfae7a9b0d85a5d55c52da94bc387f9bdb2147c81d783a0950927ccffaf2abb3a254fa99caf4d545647516aa0d6c0d4de847afca9019bd1e97342

    Score
    3/10
    • Target

      code/gadget.js

    • Size

      6KB

    • MD5

      6f0bf1712a6617598d1f803e997640c5

    • SHA1

      4f0240364e7cead6c44d271b6f22b1aee659180c

    • SHA256

      0770154518321cb16c344cd6eeb090212b6f593cee21330816f622ca52210a5b

    • SHA512

      b2ce011137948e9cedadb7319ba9d7df2cbaf3c25150d338133716cdde1feb095aa30039129456a5423d942b4ca580293d59eaa086976621afb360513185e134

    • SSDEEP

      96:j7sgJgY0AoIyN7mwqLU+yufqeZd0Yl4YLGaaBLNQcrgeoKoofJPwD+/SHSqUc/LQ:eX14wqLU+xn013hUYfv/QSFu0

    Score
    3/10
    • Target

      code/heart_menu.js

    • Size

      12KB

    • MD5

      63390f85f125a1731cf62ec9639b43dd

    • SHA1

      de81afabca7c63456a866791c484f621a2bd93a9

    • SHA256

      928823a4f69fa9b00f39fd3fc61837b6b4e45b50691cec88e3088b15ce9962db

    • SHA512

      6a6a75e5365f0a10dae68ff77a4a9c0d1e201575a72b438f6a78d125d297aca048226da778cbfa5c0dc9728545e38b0aca7644a924f0e2b8a6d13d4a9b6d4864

    • SSDEEP

      384:eykyiy+ysyZyQyv4ya4uy8ykyiy+ysyZyUyMRyBEmF4yMLyVBWEFrrEN7EIJEW:57lZDAfvH/z7lZDALM4KcMObWEFHs7N3

    Score
    3/10
    • Target

      code/settings.js

    • Size

      2KB

    • MD5

      ee98c058bba3504247d6d68fd006e5b9

    • SHA1

      2760e4e2e6f2d1a216b8e4dde1c58c944697cf26

    • SHA256

      cf05918ad9ecc67441f5acc4d17dff3c17a997fd0204d6a42954dad015f46343

    • SHA512

      d619b1735ddbe8fbba0f6fa17fe0e166a0aae91ebfcb153fa7a297b7fe406c900ad6f1b25b6dbc401baab9374d38c5f86559fb4c853d35b7fc17773ede0dea01

    Score
    3/10
    • Target

      code/update.js

    • Size

      4KB

    • MD5

      f7b3b816486cabada4aa79ce8196715a

    • SHA1

      e172f8654e699c714666f12a29874ee896f3d389

    • SHA256

      b2ba54f3413625e50422bd200efe2d822d4ebd4e4e50aab55c0fa85e05392678

    • SHA512

      d407e60909c68c10272df622873fec36ddc5817f8ed33d5ce8e478c439275705180ef7d8b62fdcd39132330684892762c205d98959000b43a9b1c4021975f823

    • SSDEEP

      96:1I6eOXGaHq3IPLYep56IH354zN1kMyMZxx+nxvzhOUmS8eZ6:1IjjaHcIz7fP35UcMnExbmS8

    Score
    3/10
    • Target

      code/utils.js

    • Size

      1KB

    • MD5

      1d91ad1d8cb375c09b0221e1a025a027

    • SHA1

      1edf1dcb39ba016b4d073e548640004de7e5d92b

    • SHA256

      0b6b22469d12a6d877236a61ad53f48a320ea474b93b2cfb2093288f92a75113

    • SHA512

      732001b4e268a08d107afde92fc27371e28d954d689c113a1649ea2d26b0868ce4257f1b774c39ef56e066090e43c776e03daab5c35d32d0c4408a6ad83f588a

    Score
    3/10
    • Target

      gadget.html

    • Size

      8KB

    • MD5

      4ff00b50a887e90f4a3ad37338fc50fd

    • SHA1

      1f2b306737bf989b3860790bb095cb54c3aae97a

    • SHA256

      cde092885e9c5d7c0777ce27209cd6c365acd5babac97c88d76460410203a931

    • SHA512

      d0a4938b185f70bcb6413ab159e07317ccac19e36555d44e027fe4ccc744f94cea8c48b04b79ac77ec66d04872219e2856a8f31152930bac2f58296753bef54e

    • SSDEEP

      192:9LjIPI3JIPuObKdai/pWia2pz/KotsuUfTmsv6n4DAM3uczAWAd8PUw+i:pQKH/pWspeuUfTtv66zFAd8Pf

    Score
    3/10
    • Target

      gadget32.dll

    • Size

      86KB

    • MD5

      fc731b91903a20243f4a67e39363fea0

    • SHA1

      c826b26f72c2903a17f92a596df055e127336cf6

    • SHA256

      87ac0ee1110ba9bb784ce6eecb4f2ce2d1d030e27b7720975e098dda4f62262b

    • SHA512

      0d1373bbd204c838b145db94a6cc0107f52bed7ca75eb0a9b2a785cd78dbb347adfd810fe0cb5c5f0368c81f7c7e446c30bfe7c3d996612ea6c394989bff407f

    • SSDEEP

      768:MuNzIJWjuJuQ1lTLhiEPjPkn6nSuSzGEAkPTbvLYapE9BSR12ikg7bgmkD6xIvif:ZJUTLxb+6nSQITnNG9s3kIalA5D/bG

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      gadget64.dll

    • Size

      99KB

    • MD5

      bb97a1f12083f49d0c337d1221448bab

    • SHA1

      4f8e769bdce874fef3b715749c1568393dc62919

    • SHA256

      c3a962b989beeaaee31127dc133a90c191e670be65894baeccbd5ae9637d4f06

    • SHA512

      1578b273a9321439ebb7cc55e2523b14379666b4baec096900de31e39bc899b5de970bcbbce773c444e781f98134d09f3464426ca595403f1c31ba210d8b4a43

    • SSDEEP

      1536:EWPVJJT8Sa48UU4w/rgQKcfaL30q/VDELarEzQ45fbYM:DPbV8S+UUDjg1cfaLhuLarEM45fbt

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      index2.html

    • Size

      2KB

    • MD5

      b19540322c62ed22b8d6c957a676897a

    • SHA1

      9fde9cf8fb6acf503ecbfdc9458602ecb22f2da6

    • SHA256

      8a5c6459908e519c1aabeaa5d144c45fed01050a2c4bb1dc2b0993de1ab09e0e

    • SHA512

      47f5faa78c28409e6303ac3c92307eb06e312178b821afc83cd1240d59bd24d8d9c23456553130a023d6012724e43141d32eeb56de8305589b10ba6a16a3706c

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
3/10

behavioral2

discovery
Score
3/10

behavioral3

execution
Score
3/10

behavioral4

execution
Score
3/10

behavioral5

execution
Score
3/10

behavioral6

execution
Score
3/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery, persistence, privilege_escalation
Score
7/10

behavioral24

discovery, persistence, privilege_escalation
Score
7/10

behavioral25

persistence, privilege_escalation
Score
7/10

behavioral26

persistence, privilege_escalation
Score
7/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10