b3dda1a2107fa6eef2b6793d30ce34af5af63da9e66373f7a6d4f095a5ea470a | Triage

Sharing

General

Target

Gpunw.js
Size

113KB
Sample

230523-ay379sea5v
MD5

f0fc8a6f8f55d729fed974eb2c64e9ce
SHA1

298f6d512a3a32d3d4e8fc69e05155cbb8810df7
SHA256

b3dda1a2107fa6eef2b6793d30ce34af5af63da9e66373f7a6d4f095a5ea470a
SHA512

864bda7cf7fe41988499e40164d1a7ea352479d0b3b3d964c9145ef4754515678fbb6dbe96ebced919a6c42d549197ee9aa0fb605b900be698907481737df051
SSDEEP

1536:pz3dgEySoVpfCBHRJHvpkzLRxzX2MZgMnhns+Jl4QDuu1fTjy:0CGCHRdvpkzLRxzmMZgMnS+Jluu2

Score

8^/10

Malware Config

Targets

- Target
  
  Gpunw.js
- Size
  
  113KB
- MD5
  
  f0fc8a6f8f55d729fed974eb2c64e9ce
- SHA1
  
  298f6d512a3a32d3d4e8fc69e05155cbb8810df7
- SHA256
  
  b3dda1a2107fa6eef2b6793d30ce34af5af63da9e66373f7a6d4f095a5ea470a
- SHA512
  
  864bda7cf7fe41988499e40164d1a7ea352479d0b3b3d964c9145ef4754515678fbb6dbe96ebced919a6c42d549197ee9aa0fb605b900be698907481737df051
- SSDEEP
  
  1536:pz3dgEySoVpfCBHRJHvpkzLRxzX2MZgMnhns+Jl4QDuu1fTjy:0CGCHRdvpkzLRxzmMZgMnS+Jluu2
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2