8ee8c95445f7ea9313516a1389bff169a9ad85ef7dc9f16927379bc0e175257e | Triage

Sharing

General

Target

jerrycansSchedu.js
Size

288KB
Sample

230525-hkstdagh6z
MD5

2b6c04bc108d91c3c8109c9d5f2b1926
SHA1

38491db66d4d9072c469305419c4d2758c756231
SHA256

8ee8c95445f7ea9313516a1389bff169a9ad85ef7dc9f16927379bc0e175257e
SHA512

7adcc17825e52c34895396a9f513a01f3d6799a7ce37871480cb4871048984bc4e32c1f8c8bc9be557c630f877caa42fe428cc15142fad4f3a655dda8b77dcf1
SSDEEP

6144:lakYe5YvF6y00S39M7zfylvpBIMK6wwkoskYmIh:lg8x8

Score

8^/10

Malware Config

Targets

- Target
  
  jerrycansSchedu.js
- Size
  
  288KB
- MD5
  
  2b6c04bc108d91c3c8109c9d5f2b1926
- SHA1
  
  38491db66d4d9072c469305419c4d2758c756231
- SHA256
  
  8ee8c95445f7ea9313516a1389bff169a9ad85ef7dc9f16927379bc0e175257e
- SHA512
  
  7adcc17825e52c34895396a9f513a01f3d6799a7ce37871480cb4871048984bc4e32c1f8c8bc9be557c630f877caa42fe428cc15142fad4f3a655dda8b77dcf1
- SSDEEP
  
  6144:lakYe5YvF6y00S39M7zfylvpBIMK6wwkoskYmIh:lg8x8
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2