bb96e1541b8ff33e5ff71c2d4298019f815a93a5c5f84d46197212784f5ef804 | Triage

Sharing

General

Target

2988.js
Size

702KB
Sample

210810-vkn1hnztgj
MD5

5722cc13cc4d2f58cbc35fa38d33a208
SHA1

431326c4fd9f62457f56aa6e9a0ee86c9fe5b7f7
SHA256

bb96e1541b8ff33e5ff71c2d4298019f815a93a5c5f84d46197212784f5ef804
SHA512

21febe0557b5ea65bcac19668777ee75e10a96eabc85eb421c4c747c6ea9a10d0ce2a1c7b8f579d832c226216579e498164efd4cf481176479d66a9672866eda

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://erzurum.us/65376345273497600381/tjTyjrjywrdmJoaaenvF/dll/assistant.php

Targets

- Target
  
  2988.js
- Size
  
  702KB
- MD5
  
  5722cc13cc4d2f58cbc35fa38d33a208
- SHA1
  
  431326c4fd9f62457f56aa6e9a0ee86c9fe5b7f7
- SHA256
  
  bb96e1541b8ff33e5ff71c2d4298019f815a93a5c5f84d46197212784f5ef804
- SHA512
  
  21febe0557b5ea65bcac19668777ee75e10a96eabc85eb421c4c747c6ea9a10d0ce2a1c7b8f579d832c226216579e498164efd4cf481176479d66a9672866eda
Score

10^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2