01a8735ace5e349ab46b286cae6658931fca9521f3cc640fe6f03951392a36bb | Triage

Sharing

General

Target

Gnbec.js
Size

284KB
Sample

230516-qq8qsaba29
MD5

09898f199ab752767454a9073e15282f
SHA1

4d2bdf3e47a39fa418deafe0cbcd1f2f12093347
SHA256

01a8735ace5e349ab46b286cae6658931fca9521f3cc640fe6f03951392a36bb
SHA512

7ea486fba3e95a9b660f722362db42856d35d928d4a2dc930e8dd500f113e8d7a59c8d1315abe1a5a46ca8f40a11b043904a274971fb02c3496f226133e861ad
SSDEEP

3072:8Ra6vwAPaAtU0eUjidy0dI4eiVnXT95gQtNEs6:8Ra6VbU0xjidy0dIPiVnDh0s6

Score

8^/10

Malware Config

Targets

- Target
  
  Gnbec.js
- Size
  
  284KB
- MD5
  
  09898f199ab752767454a9073e15282f
- SHA1
  
  4d2bdf3e47a39fa418deafe0cbcd1f2f12093347
- SHA256
  
  01a8735ace5e349ab46b286cae6658931fca9521f3cc640fe6f03951392a36bb
- SHA512
  
  7ea486fba3e95a9b660f722362db42856d35d928d4a2dc930e8dd500f113e8d7a59c8d1315abe1a5a46ca8f40a11b043904a274971fb02c3496f226133e861ad
- SSDEEP
  
  3072:8Ra6vwAPaAtU0eUjidy0dI4eiVnXT95gQtNEs6:8Ra6VbU0xjidy0dIPiVnDh0s6
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2