3c110511b6eaedfac247bd7b686733cc9ffba3c383c8906e0f883f616b23000b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Xuceov.js
Size

200KB
Sample

230511-qk46eafc5z
MD5

57a3a1d7488258dc5827819050a325bc
SHA1

1d633c3526a578af5ed543749a4131389518213d
SHA256

3c110511b6eaedfac247bd7b686733cc9ffba3c383c8906e0f883f616b23000b
SHA512

bcbc0ee6dbac06353a01ed2be9b00290c36cb37ba27a06e7a2963dda17359d913ddfd2620af107b8d2583698e399f9bcccd6407196baa99510afa274bc2c1512
SSDEEP

1536:2IOeNlX9U+hDubyvBn3rrd+IcHZAIetUAgTfhwHcQ+yp011Yd3zDZLHVYfbQrNAf:9O8X6+1n3rrd+IcHZAJasp/db+cCWBtc

Score

8^/10

Malware Config

Targets

- Target
  
  Xuceov.js
- Size
  
  200KB
- MD5
  
  57a3a1d7488258dc5827819050a325bc
- SHA1
  
  1d633c3526a578af5ed543749a4131389518213d
- SHA256
  
  3c110511b6eaedfac247bd7b686733cc9ffba3c383c8906e0f883f616b23000b
- SHA512
  
  bcbc0ee6dbac06353a01ed2be9b00290c36cb37ba27a06e7a2963dda17359d913ddfd2620af107b8d2583698e399f9bcccd6407196baa99510afa274bc2c1512
- SSDEEP
  
  1536:2IOeNlX9U+hDubyvBn3rrd+IcHZAIetUAgTfhwHcQ+yp011Yd3zDZLHVYfbQrNAf:9O8X6+1n3rrd+IcHZAJasp/db+cCWBtc
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2