c9a641f207845d59c7237ef2a195e4fbc7ddd89d96454d641a0d3ea789b276c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

D-OPkiaFrs.54293.js
Size

81KB
Sample

230313-xxk2mabf93
MD5

869f10ba1fa7c078fd1cd725a3a25308
SHA1

a475bcc18c7583ec1b3592f83a86380ecd05a2b8
SHA256

c9a641f207845d59c7237ef2a195e4fbc7ddd89d96454d641a0d3ea789b276c1
SHA512

989374118093926b687d44616309b8fd6bbd419b777178cd4797ade9958e316943d54f1cbfb3471757f3d057ddf4ed165a58372be62099ef1f754b10f8182dce
SSDEEP

1536:OAnpsmQ4Scj64zccVGfWM1PjmfjTkI2E7A9hMglv33:OSsj4bj64ocVGb0MIUKgln

Score

8^/10

Malware Config

Targets

- Target
  
  D-OPkiaFrs.54293.js
- Size
  
  81KB
- MD5
  
  869f10ba1fa7c078fd1cd725a3a25308
- SHA1
  
  a475bcc18c7583ec1b3592f83a86380ecd05a2b8
- SHA256
  
  c9a641f207845d59c7237ef2a195e4fbc7ddd89d96454d641a0d3ea789b276c1
- SHA512
  
  989374118093926b687d44616309b8fd6bbd419b777178cd4797ade9958e316943d54f1cbfb3471757f3d057ddf4ed165a58372be62099ef1f754b10f8182dce
- SSDEEP
  
  1536:OAnpsmQ4Scj64zccVGfWM1PjmfjTkI2E7A9hMglv33:OSsj4bj64ocVGb0MIUKgln
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2