7581285ec0da69e24a16ce5f53382fd7764a95fec9b073104ae6092fdde6abe7 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

sample.js

windows7-x64

8

sample.js

windows10-2004-x64

1

Sharing

General

Target

sample
Size

74KB
Sample

230331-y1qxqaed71
MD5

0e1228e883c2034782a3824a204535d8
SHA1

5a5057fa0f75c0cb94fd268f06b7b96cbffaa4e6
SHA256

7581285ec0da69e24a16ce5f53382fd7764a95fec9b073104ae6092fdde6abe7
SHA512

c67ec6c705897f1575626a4f8020f1f5f7dd99e461a047afadc84a7fb7845070d1672bd436e9c064df939e6f6a92e4c5b97e681c49b55f7d70e79ab7c0fd91f9
SSDEEP

1536:qqmOYukFYhQ08KQkeSzNBNtsYJHTWxYKQIE:pmOYukniHTWxY

Score

8^/10

discovery evasion spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

sample.js

Resource

win7-20230220-en

discovery evasion spyware stealer trojan

windows7-x64

21 signatures

1800 seconds

Behavioral task

behavioral2

Sample

sample.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  74KB
- MD5
  
  0e1228e883c2034782a3824a204535d8
- SHA1
  
  5a5057fa0f75c0cb94fd268f06b7b96cbffaa4e6
- SHA256
  
  7581285ec0da69e24a16ce5f53382fd7764a95fec9b073104ae6092fdde6abe7
- SHA512
  
  c67ec6c705897f1575626a4f8020f1f5f7dd99e461a047afadc84a7fb7845070d1672bd436e9c064df939e6f6a92e4c5b97e681c49b55f7d70e79ab7c0fd91f9
- SSDEEP
  
  1536:qqmOYukFYhQ08KQkeSzNBNtsYJHTWxYKQIE:pmOYukniHTWxY
Score

8^/10

discovery evasion spyware stealer trojan
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionspywarestealertrojan

behavioral2

© 2018-2024

Terms | Privacy