ac8aeded3be15ae6fb3aeed2c249884fd1796dc7445c5b3bdfd98de27f34cef2 | Triage

Sharing

General

Target

976506dacaee96f4a4001760192ce1ae_JaffaCakes118
Size

229KB
Sample

241124-1qdkraxlgj
MD5

976506dacaee96f4a4001760192ce1ae
SHA1

16d856cb6941f2ee35e59e4f31e137b7386cd7a0
SHA256

ac8aeded3be15ae6fb3aeed2c249884fd1796dc7445c5b3bdfd98de27f34cef2
SHA512

7a1479aa1381c88ea7580a8a496f0f1e9ba9ca0a5c24c43db1440efc2b74b1f2e0cec0084547b328395b92e79355b385c64256bd5d104cbdc3b06a1327b62dd5
SSDEEP

3072:X9n4v3GTj/m/LyCbbmcszdCyS3K6ZdQL0pb6IjQUstWOQmqrd99QEnYPvrSvpUtI:h82m/LyCOcsAQL0pBjQdbQHFvetHATx

Score

5^/10

microsoft discovery execution phishing

Malware Config

Targets

- Target
  
  smartsheet-auto/account/geoplugin.class.php
- Size
  
  4KB
- MD5
  
  c8ea1e960b48a620c00bc65d525a721c
- SHA1
  
  6e16a7a95436ec6f1739ae80d121e77661880634
- SHA256
  
  533b46938dc1aa03fa2a8a6ab5977fbdc8b115c0b106f921b0fc4ec637fb35cc
- SHA512
  
  2306c31923f47f7b90bf1f7067519e289c5de4aee2f6b4b2f925c01f57acad0b0a30867b7b025a2222b4d23ec390b265299f4bfb7e2c41d51962c609dbd80473
- SSDEEP
  
  96:zQapMrp1cwAzq1Y0qh2iCYqWGXUQaVc96oAeQeLN/YoLQhyiHQG:0apMrS12iGWGXucr9M
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  smartsheet-auto/account/index.php
- Size
  
  19KB
- MD5
  
  ca02d1d6af46ed775ab70ab300f6c8bb
- SHA1
  
  f3a9aa1adf47521db3f98292b2f416df90e7b6bc
- SHA256
  
  cc2663af10dfd3648f940a6f993ed2bdc0d842f1639226c302240c433a19c542
- SHA512
  
  3e39a674ba9308a08079f5017880d9c739c30f2622ab845939b502ef5d03f2005e9bceefa8ae1a946fb9d9a1e53691258840a425261d8c2fedbdb28f68d44136
- SSDEEP
  
  384:FVT4djdEhbRGENC99ItV4OkLsPA2YaA9dmeyi+:450b8Ec91O4rQ
Score

5^/10

discovery microsoft phishing
- Detected potential entity reuse from brand MICROSOFT.
  phishing microsoft
behavioral3 behavioral4
- Target
  
  smartsheet-auto/geoplugin.class.php
- Size
  
  4KB
- MD5
  
  c8ea1e960b48a620c00bc65d525a721c
- SHA1
  
  6e16a7a95436ec6f1739ae80d121e77661880634
- SHA256
  
  533b46938dc1aa03fa2a8a6ab5977fbdc8b115c0b106f921b0fc4ec637fb35cc
- SHA512
  
  2306c31923f47f7b90bf1f7067519e289c5de4aee2f6b4b2f925c01f57acad0b0a30867b7b025a2222b4d23ec390b265299f4bfb7e2c41d51962c609dbd80473
- SSDEEP
  
  96:zQapMrp1cwAzq1Y0qh2iCYqWGXUQaVc96oAeQeLN/YoLQhyiHQG:0apMrS12iGWGXucr9M
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  smartsheet-auto/gmail/geoplugin.class.php
- Size
  
  4KB
- MD5
  
  c8ea1e960b48a620c00bc65d525a721c
- SHA1
  
  6e16a7a95436ec6f1739ae80d121e77661880634
- SHA256
  
  533b46938dc1aa03fa2a8a6ab5977fbdc8b115c0b106f921b0fc4ec637fb35cc
- SHA512
  
  2306c31923f47f7b90bf1f7067519e289c5de4aee2f6b4b2f925c01f57acad0b0a30867b7b025a2222b4d23ec390b265299f4bfb7e2c41d51962c609dbd80473
- SSDEEP
  
  96:zQapMrp1cwAzq1Y0qh2iCYqWGXUQaVc96oAeQeLN/YoLQhyiHQG:0apMrS12iGWGXucr9M
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  smartsheet-auto/gmail/page2.php
- Size
  
  2KB
- MD5
  
  18cb0a97908f8ce90969ff89f49d3050
- SHA1
  
  542ac8602c7f9165f1eddc0e87feea2ea8e34eee
- SHA256
  
  473cfa34f7717c33cca8860e957596471c223f8a51c753dd67e50bd4cdf330a3
- SHA512
  
  78f09496da0c743e5159cf7947b9a049e17f0076cfdac1ce76f3a31130f90e56a1e0c51c06da913e97ff586b67779548ef0b9aed099890018b81c299f34f1bf9
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  smartsheet-auto/index2.php
- Size
  
  19KB
- MD5
  
  21bfaab2108f36d432a18b9385d994f5
- SHA1
  
  b45ba7c1f9f77fb14a20a181fecd67599d423b9d
- SHA256
  
  5f574b81b9d76fa98d2441bb8f5c568fb5e63e1996e02e5e7a98951e5592c10a
- SHA512
  
  097fe4f3b281355effb4d8b9223dfb17e0a29a047131e07e94e1fed4767f72224fd5e2a8aa4db855bf9b44140b55901d06ac111a79700c6cb95aaf3b29d46280
- SSDEEP
  
  192:x6CRm3/0xxO64FlNbdNgwSmDmzblismfYrnaurGecn:ACs/0xxOfRXmzJiNArnauKdn
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  smartsheet-auto/page2.php
- Size
  
  2KB
- MD5
  
  a498989bfed1c858f0c6082c94a28dbd
- SHA1
  
  f619017508b247b657e3a62a4799161284a16c4e
- SHA256
  
  87082adb6c9478f94bec74b4a2ce69b0018e9ca74f00db0496f7a89e75bf5a9b
- SHA512
  
  e5471d58451dc1f87c79fa667eb6124e206f00969cfa877de4aac9d0b0901844ea059dcc82414eee4dcd23bca6854b6dea5490e5d1d25d3ac433fc189961269a
Score

3^/10

discovery
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

microsoftdiscoveryphishing

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14