6b72829cd473d25615b9fb0b660c99ec56dcb5167930c5bea8ea4e9e7f1f5ee2 | Triage

Sharing

General

Target

dayanim.js
Size

303KB
Sample

230525-b88q6sgb6x
MD5

f0d2e397da128050cb2d794ffdc161b8
SHA1

1c7e695859010f1c34accdfde35fa53bb5bcd79e
SHA256

6b72829cd473d25615b9fb0b660c99ec56dcb5167930c5bea8ea4e9e7f1f5ee2
SHA512

d5aa1bcf6a6073076413c63445b67a5043e6cb1b756bc1f7c7e6a064919113a93db96a419200d9f0001b43b419f154b994b115cd20d1a152824a55bd774317e2
SSDEEP

3072:HaSVLofq1aRHEhy2mexxwPCYIMmus7cPDOlSXErDSC:HaSVLSqAShy2me1Ytr9PDZUrDSC

Score

8^/10

Malware Config

Targets

- Target
  
  dayanim.js
- Size
  
  303KB
- MD5
  
  f0d2e397da128050cb2d794ffdc161b8
- SHA1
  
  1c7e695859010f1c34accdfde35fa53bb5bcd79e
- SHA256
  
  6b72829cd473d25615b9fb0b660c99ec56dcb5167930c5bea8ea4e9e7f1f5ee2
- SHA512
  
  d5aa1bcf6a6073076413c63445b67a5043e6cb1b756bc1f7c7e6a064919113a93db96a419200d9f0001b43b419f154b994b115cd20d1a152824a55bd774317e2
- SSDEEP
  
  3072:HaSVLofq1aRHEhy2mexxwPCYIMmus7cPDOlSXErDSC:HaSVLSqAShy2me1Ytr9PDZUrDSC
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2