aa3b90a263a600deea80ebf948b7497631bd26618e5a626e3a54fbbd42c63e07 | Triage

Sharing

General

Target

a8wU6f0MPcjYu.js
Size

320KB
Sample

230613-wa9k2aab7z
MD5

651f45a047694300134e645dd187ee1e
SHA1

eb3863ce9815c7c28e490e0752a6c76c1a9abb39
SHA256

aa3b90a263a600deea80ebf948b7497631bd26618e5a626e3a54fbbd42c63e07
SHA512

c8cdce0864b892cdd7c2224832f77357d5bf9c13a21b45f919bd431fdd55c3d833307f4fe0621c217552ecb91563c8f65b24b36211e6a2d91839cd236af710ca
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbsqGds/+chS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygY

Score

8^/10

Malware Config

Targets

- Target
  
  a8wU6f0MPcjYu.js
- Size
  
  320KB
- MD5
  
  651f45a047694300134e645dd187ee1e
- SHA1
  
  eb3863ce9815c7c28e490e0752a6c76c1a9abb39
- SHA256
  
  aa3b90a263a600deea80ebf948b7497631bd26618e5a626e3a54fbbd42c63e07
- SHA512
  
  c8cdce0864b892cdd7c2224832f77357d5bf9c13a21b45f919bd431fdd55c3d833307f4fe0621c217552ecb91563c8f65b24b36211e6a2d91839cd236af710ca
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbsqGds/+chS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygY
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1