2dae93e4b7c7c6d149df3f3171cfff9d70aa5814668e10c23ad5fdbe3a8de584 | Triage

Sharing

General

Target

hau7AToIbdSy.js
Size

296KB
Sample

230614-hryyzadh25
MD5

ce61f99a97287ea40e65a7805c15332c
SHA1

7ff3d0aa63f9493023a37452a73a36f35262ef08
SHA256

2dae93e4b7c7c6d149df3f3171cfff9d70aa5814668e10c23ad5fdbe3a8de584
SHA512

a34cccf4b769a5d7c6b82b7a1d725f83d13fd9f536131b143e86b3f4c2b9769ef19dcc1e6133da73b001a1b5902ef23faa1948e29326129fd2e4db3625098018
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbePCYhS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygB

Score

8^/10

Malware Config

Targets

- Target
  
  hau7AToIbdSy.js
- Size
  
  296KB
- MD5
  
  ce61f99a97287ea40e65a7805c15332c
- SHA1
  
  7ff3d0aa63f9493023a37452a73a36f35262ef08
- SHA256
  
  2dae93e4b7c7c6d149df3f3171cfff9d70aa5814668e10c23ad5fdbe3a8de584
- SHA512
  
  a34cccf4b769a5d7c6b82b7a1d725f83d13fd9f536131b143e86b3f4c2b9769ef19dcc1e6133da73b001a1b5902ef23faa1948e29326129fd2e4db3625098018
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbePCYhS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygB
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2