913bc2607e7664226461bbbed249af5d73eea403b54d61d71ceb2f7ff4d01cdd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Hgmsmn.js
Size

169KB
Sample

230515-vkqp8sfa6t
MD5

3c77e821d67ddf14101135ffa3521e7b
SHA1

fa7e7335bde83c721e7a3d3c3c72bf6882a2317a
SHA256

913bc2607e7664226461bbbed249af5d73eea403b54d61d71ceb2f7ff4d01cdd
SHA512

5bc56e5b8230d5f21b50cab07327fd6a0281915f1e2e331f5ab7397a5d4d69bba2d4c85adf1de5a0506bd480c871e97f3186b3fe7a4c94b423c11b4b407232a3
SSDEEP

3072:UuvWvPs8m7YNYAVkAWWaoQd9oM/FUhynlkZAwfB:Uu+3YAVkA7aoQro8AzZAk

Score

8^/10

Malware Config

Targets

- Target
  
  Hgmsmn.js
- Size
  
  169KB
- MD5
  
  3c77e821d67ddf14101135ffa3521e7b
- SHA1
  
  fa7e7335bde83c721e7a3d3c3c72bf6882a2317a
- SHA256
  
  913bc2607e7664226461bbbed249af5d73eea403b54d61d71ceb2f7ff4d01cdd
- SHA512
  
  5bc56e5b8230d5f21b50cab07327fd6a0281915f1e2e331f5ab7397a5d4d69bba2d4c85adf1de5a0506bd480c871e97f3186b3fe7a4c94b423c11b4b407232a3
- SSDEEP
  
  3072:UuvWvPs8m7YNYAVkAWWaoQd9oM/FUhynlkZAwfB:Uu+3YAVkA7aoQro8AzZAk
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2