a92d920c5f0993e08e2ccf2f003d53ca0f1f4f2ff4ddaafc2d3e0b7fa2d9edbe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

lgGcGg5QTG4yz.js
Size

324KB
Sample

230614-hqcpcadg77
MD5

ffa0a80fd297a4e6a988813a6a87df1b
SHA1

f9b80e902fb6df8f1b21fb52d2ca7409655ef475
SHA256

a92d920c5f0993e08e2ccf2f003d53ca0f1f4f2ff4ddaafc2d3e0b7fa2d9edbe
SHA512

808f9eead7afa0608674d2ee493d81906b75aa3ca93fb04ec00a5fe6a04b7103ac6357d179dbc8d490b2324d2bd1e9d12fe0855e9e3e634856170e4528ba343b
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbfRCaj2B6ihS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygj

Score

8^/10

Malware Config

Targets

- Target
  
  lgGcGg5QTG4yz.js
- Size
  
  324KB
- MD5
  
  ffa0a80fd297a4e6a988813a6a87df1b
- SHA1
  
  f9b80e902fb6df8f1b21fb52d2ca7409655ef475
- SHA256
  
  a92d920c5f0993e08e2ccf2f003d53ca0f1f4f2ff4ddaafc2d3e0b7fa2d9edbe
- SHA512
  
  808f9eead7afa0608674d2ee493d81906b75aa3ca93fb04ec00a5fe6a04b7103ac6357d179dbc8d490b2324d2bd1e9d12fe0855e9e3e634856170e4528ba343b
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbfRCaj2B6ihS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygj
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2