e4024bea1eeadaf2d82a7cb32c9dcd24d84e2a4ed71f9018f6fd2365304e0163 | Triage

Sharing

General

Target

Belliferous.js
Size

262KB
Sample

230524-21vsfsff3y
MD5

4d05726e9036947c1bfa1255a3628129
SHA1

a31dd440a5c23a67285248dba327b76cb3975d6f
SHA256

e4024bea1eeadaf2d82a7cb32c9dcd24d84e2a4ed71f9018f6fd2365304e0163
SHA512

a5109e9742f6d0ce3eec19d3ed855cbc579ecb2b461829e68081ffbb09396fcb5248473594b157fd874491b0abf9ee5a3c9e6f08938c68349e6f00134931e2fe
SSDEEP

3072:UDHG+bxt2vI3a3wLK4woNhdz/aiVQ4aIvXaf6iG7Ty2Yr9fWd3BHXpjz6O:UDm+tt2vsffwo5BVLDvvpTYZudxHj

Score

8^/10

Malware Config

Targets

- Target
  
  Belliferous.js
- Size
  
  262KB
- MD5
  
  4d05726e9036947c1bfa1255a3628129
- SHA1
  
  a31dd440a5c23a67285248dba327b76cb3975d6f
- SHA256
  
  e4024bea1eeadaf2d82a7cb32c9dcd24d84e2a4ed71f9018f6fd2365304e0163
- SHA512
  
  a5109e9742f6d0ce3eec19d3ed855cbc579ecb2b461829e68081ffbb09396fcb5248473594b157fd874491b0abf9ee5a3c9e6f08938c68349e6f00134931e2fe
- SSDEEP
  
  3072:UDHG+bxt2vI3a3wLK4woNhdz/aiVQ4aIvXaf6iG7Ty2Yr9fWd3BHXpjz6O:UDm+tt2vsffwo5BVLDvvpTYZudxHj
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2