General

  • Target

    EFHO0369.js

  • Size

    508KB

  • Sample

    230523-s9chssgh3x

  • MD5

    d6a42fe73b1e636b43363b7cfc631bff

  • SHA1

    56e7bdce4206ef3037e835612b3c861e07961a0b

  • SHA256

    62a25a18791e8b6e750a735dcaf990ce01da2c028a0282a3f4132783699dde8d

  • SHA512

    386e154902830d86e3d8b23c11d812df496136a7db13843fb0a6fdbf9aa232bb6866a17fed1b87315e045fc8dc934280269d23ad3f46c20ccd4c08b3fe09a291

  • SSDEEP

    3072:M9aXpR0IWmtlslaLzcebFj0P8d+PO0vMlAaQlx0wkNrRP5hOTMvM6zZBzzLIYuUK:l0+Md

Score
10/10

Targets

    • Target

      EFHO0369.js

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
