fca6e4ce920b3ca4f952a600be33ee9b0ef05b88757542b885ed4e09d6d1c541 | Triage

Sharing

General

Target

Dlxw.js
Size

113KB
Sample

230523-gr2t7aeh4s
MD5

e65cfcec2bb25dba59fcc53c0f82a7c5
SHA1

3e3f44eb76e61aed2f84d30de4ef395be983a8b9
SHA256

fca6e4ce920b3ca4f952a600be33ee9b0ef05b88757542b885ed4e09d6d1c541
SHA512

66f3982fcee97a68d4591c67377fc40e857f21ecc0d9ba1b87d0711ba14ae5ed23889395f48b18e1fb0ccb218e68fb98daac4e5fdfcd0d60ae1639ae012184ae
SSDEEP

1536:pz3TaarwxCbb3+hj8xa2hHdY04Ao53h2Sct9Hd/0rEOnsqYDbdwySOljy:BaMPOy4Ao5R2SSHd/0rEOnsqYDbS9Oy

Score

8^/10

Malware Config

Targets

- Target
  
  Dlxw.js
- Size
  
  113KB
- MD5
  
  e65cfcec2bb25dba59fcc53c0f82a7c5
- SHA1
  
  3e3f44eb76e61aed2f84d30de4ef395be983a8b9
- SHA256
  
  fca6e4ce920b3ca4f952a600be33ee9b0ef05b88757542b885ed4e09d6d1c541
- SHA512
  
  66f3982fcee97a68d4591c67377fc40e857f21ecc0d9ba1b87d0711ba14ae5ed23889395f48b18e1fb0ccb218e68fb98daac4e5fdfcd0d60ae1639ae012184ae
- SSDEEP
  
  1536:pz3TaarwxCbb3+hj8xa2hHdY04Ao53h2Sct9Hd/0rEOnsqYDbdwySOljy:BaMPOy4Ao5R2SSHd/0rEOnsqYDbS9Oy
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2