6d0a751d9933f4ad527d7041728ec9a9a7c1e171056ded1eea6af5c183bba26b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dayanim.js
Size

303KB
Sample

230524-xesnraeb69
MD5

4cdc369bc02e5c88c78d83ba02a3585b
SHA1

2fbce558ae90a65fd522668e2a3ce3c69cc42d67
SHA256

6d0a751d9933f4ad527d7041728ec9a9a7c1e171056ded1eea6af5c183bba26b
SHA512

450349cd5ebb323a72bd1fc3f2b17729374d15ca76de83ab90b5e8a97cfc199c1cd09333abb4ab83e57470eb894116e7da6136bc6e1b04a9167727b50a19fbef
SSDEEP

3072:HaSVLofq1aRHEhy2mexxwPCYIMmus7cPDOlSXErDSn:HaSVLSqAShy2me1Ytr9PDZUrDSn

Score

8^/10

Malware Config

Targets

- Target
  
  dayanim.js
- Size
  
  303KB
- MD5
  
  4cdc369bc02e5c88c78d83ba02a3585b
- SHA1
  
  2fbce558ae90a65fd522668e2a3ce3c69cc42d67
- SHA256
  
  6d0a751d9933f4ad527d7041728ec9a9a7c1e171056ded1eea6af5c183bba26b
- SHA512
  
  450349cd5ebb323a72bd1fc3f2b17729374d15ca76de83ab90b5e8a97cfc199c1cd09333abb4ab83e57470eb894116e7da6136bc6e1b04a9167727b50a19fbef
- SSDEEP
  
  3072:HaSVLofq1aRHEhy2mexxwPCYIMmus7cPDOlSXErDSn:HaSVLSqAShy2me1Ytr9PDZUrDSn
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2