6321de7936d847f683743b176aebfceeedb90bf2a3e88c1369dee4a2b16608a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Oaihzi.js
Size

119KB
Sample

230523-eepyradf97
MD5

2b0636243eb7b74f0c46e51dcbb0d132
SHA1

3677e5849431e5fd4f65253d7d32ed6b6c898454
SHA256

6321de7936d847f683743b176aebfceeedb90bf2a3e88c1369dee4a2b16608a0
SHA512

3c4393f0fb2ecfdf7fef68572655368b29ebf0a15b0dfc3f1aa98eb6fe7964470b5b7bcd975c9297f227812f4a523ca63fa0340ec2cad61193ca05d2cdefd164
SSDEEP

3072:kEdNTPXzCwQcOG3YJt1APzGPVwHRAo9GZBUMru/m9PqAfeEQ:ndNTPewzOGoFymoVL+9PHf3Q

Score

8^/10

Malware Config

Targets

- Target
  
  Oaihzi.js
- Size
  
  119KB
- MD5
  
  2b0636243eb7b74f0c46e51dcbb0d132
- SHA1
  
  3677e5849431e5fd4f65253d7d32ed6b6c898454
- SHA256
  
  6321de7936d847f683743b176aebfceeedb90bf2a3e88c1369dee4a2b16608a0
- SHA512
  
  3c4393f0fb2ecfdf7fef68572655368b29ebf0a15b0dfc3f1aa98eb6fe7964470b5b7bcd975c9297f227812f4a523ca63fa0340ec2cad61193ca05d2cdefd164
- SSDEEP
  
  3072:kEdNTPXzCwQcOG3YJt1APzGPVwHRAo9GZBUMru/m9PqAfeEQ:ndNTPewzOGoFymoVL+9PHf3Q
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2