624989492bf6afc7ccfee15eecbb3678847319f5acbc4f470a1883deb54cbccb | Triage

Sharing

General

Target

Qdoslzds.7z
Size

78KB
Sample

230518-xgnskscd2t
MD5

3b9d042c9ea2415f045ef91e3578d395
SHA1

5ae3a3b7443566bebe4e991bc20de21f4247e7cc
SHA256

624989492bf6afc7ccfee15eecbb3678847319f5acbc4f470a1883deb54cbccb
SHA512

69c614495d4bb0d6b2187dfeea3d12ed467973ff1ee4985baf01a61147f9e03d4e3a35b4d5497e5ea2e65b9138caa5e3d6f5621a4c82e4e94e94108e30b1c1b2
SSDEEP

1536:yZtdvCnJgF3mCwTBo2BtFm0qeiDiOIJeni8NUYcvU+WNYviK91ch/f3ho:yDdUJgFWCOBoaFmDexnJeni86Tvtp19r

Score

8^/10

Malware Config

Targets

- Target
  
  Qdoslzds.js
- Size
  
  289KB
- MD5
  
  fde37c6a9854e6e367015ef155660261
- SHA1
  
  d4bbf0d5e72bcb0d0ca2344753b6b97cdc6d809b
- SHA256
  
  d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9f
- SHA512
  
  204dcf7546083662cfadbd61e48fed047ef893f19861c58723db3214d335f14910eb3079814eda60d3f2b8e1199f993e380c2b3edc084ddc913dfd6b04d881ef
- SSDEEP
  
  6144:ZvXUgy8006Aub+8wwiS5gd1ce82Ad4x000UE:Z/Ly
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2