31ccfaa5712d69d60b7e697025571a423aeac9137f2bd317514defa3bbf2be69 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60341.js
Size

245KB
Sample

230523-yltp3ahh8s
MD5

c7eefb49abf4ca2e8b99ad9a1b4621cf
SHA1

f76576b4e7d09887494d08aab36fd17abe61e085
SHA256

31ccfaa5712d69d60b7e697025571a423aeac9137f2bd317514defa3bbf2be69
SHA512

d9fbe447b1a9e79229fe71b47ed792b95ecbb073c5bb90684a87b839ad71ab59b53e61d639822e5d89085c715dfa57879a84d9cc11e55118bec393109fd867f9
SSDEEP

3072:ZSRzcTs7mKsqL7eqzDwUU6xvz9zP1QKfCmgH/LhzE6wpXJ1GnW:ZSRzcg7kqYUUMz9zHCrNi51EW

Score

8^/10

Malware Config

Targets

- Target
  
  60341.js
- Size
  
  245KB
- MD5
  
  c7eefb49abf4ca2e8b99ad9a1b4621cf
- SHA1
  
  f76576b4e7d09887494d08aab36fd17abe61e085
- SHA256
  
  31ccfaa5712d69d60b7e697025571a423aeac9137f2bd317514defa3bbf2be69
- SHA512
  
  d9fbe447b1a9e79229fe71b47ed792b95ecbb073c5bb90684a87b839ad71ab59b53e61d639822e5d89085c715dfa57879a84d9cc11e55118bec393109fd867f9
- SSDEEP
  
  3072:ZSRzcTs7mKsqL7eqzDwUU6xvz9zP1QKfCmgH/LhzE6wpXJ1GnW:ZSRzcg7kqYUUMz9zHCrNi51EW
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2