bd62f50f05b90748d8389313f9f9e92ab5224ef1f4cdbe5a98488ba055aec3bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Imted.js
Size

126KB
Sample

230523-llqxysef62
MD5

f2e3142a84dfe138d018cca927ac1428
SHA1

621430cdf1859005f58180fae5c19ef84bb2f577
SHA256

bd62f50f05b90748d8389313f9f9e92ab5224ef1f4cdbe5a98488ba055aec3bf
SHA512

8f2a7f6e854e44872c254739da62e2815742a6d819d79025b5c1fe607dec7f7093795d32a945e169c5b20c72c67394b6ea6367828632a90060e8f89d6aeb6b94
SSDEEP

1536:pz3/QcgTwXPwqoFeXYbuJHcZbqz0Tav8yT0KEDRwvqP2jvLpzngyiU7akLBpHxrq:dQ3O+7b48Zbq6a/T0KEDRCqP2D9ky2yw

Score

8^/10

Malware Config

Targets

- Target
  
  Imted.js
- Size
  
  126KB
- MD5
  
  f2e3142a84dfe138d018cca927ac1428
- SHA1
  
  621430cdf1859005f58180fae5c19ef84bb2f577
- SHA256
  
  bd62f50f05b90748d8389313f9f9e92ab5224ef1f4cdbe5a98488ba055aec3bf
- SHA512
  
  8f2a7f6e854e44872c254739da62e2815742a6d819d79025b5c1fe607dec7f7093795d32a945e169c5b20c72c67394b6ea6367828632a90060e8f89d6aeb6b94
- SSDEEP
  
  1536:pz3/QcgTwXPwqoFeXYbuJHcZbqz0Tav8yT0KEDRwvqP2jvLpzngyiU7akLBpHxrq:dQ3O+7b48Zbq6a/T0KEDRCqP2D9ky2yw
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2