c7246f2f802c8d017fdc1efbc6fb845d7175854140cd055c859e9e5da0cc33fe | Triage

Sharing

General

Target

run.js
Size

42KB
Sample

230314-sle9sagb75
MD5

213faecc641aad1a2b64714054adb61d
SHA1

6f293b7c46ea6d1419172378903661502c37982c
SHA256

c7246f2f802c8d017fdc1efbc6fb845d7175854140cd055c859e9e5da0cc33fe
SHA512

2fe498e54599a8c79f91e1e99a6ed7181e2cabdf46f7a32de2d2caf267c2a2af33d3007b84b043a43228f1130efd42e0852177835d333ffc2a954d38c4bf9362
SSDEEP

768:ID2IHpyO0kefdnhYnLg+iLcQpHPGLP4ay4d4Sw8nnsW1DADlyP9w0eyDtHSSp:ID2IHpyO0kefcg+ipPSustHSSp

Score

8^/10

Malware Config

Targets

- Target
  
  run.js
- Size
  
  42KB
- MD5
  
  213faecc641aad1a2b64714054adb61d
- SHA1
  
  6f293b7c46ea6d1419172378903661502c37982c
- SHA256
  
  c7246f2f802c8d017fdc1efbc6fb845d7175854140cd055c859e9e5da0cc33fe
- SHA512
  
  2fe498e54599a8c79f91e1e99a6ed7181e2cabdf46f7a32de2d2caf267c2a2af33d3007b84b043a43228f1130efd42e0852177835d333ffc2a954d38c4bf9362
- SSDEEP
  
  768:ID2IHpyO0kefdnhYnLg+iLcQpHPGLP4ay4d4Sw8nnsW1DADlyP9w0eyDtHSSp:ID2IHpyO0kefcg+ipPSustHSSp
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2