1e567b4015164976fee603e26a6bff005f1d0bee5c66f2b55c5a715d318a3699 | Triage

Sharing

General

Target

cz3EfRwcgvveH.js
Size

345KB
Sample

230614-je9elsed33
MD5

35ce6e13e1f3b40f19dd2e7c2f4d8bda
SHA1

f314f524514b951d1c05c108c0ed7739c1d77331
SHA256

1e567b4015164976fee603e26a6bff005f1d0bee5c66f2b55c5a715d318a3699
SHA512

12b7779c9b55ae9a98b87015c092b1f9a2f27458c655d6cdadb08583f8b90a615be3fa637bd85c7d371702d14f96be0a88407748ac663294d168b61d42e02109
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbxVvALN5IAbghS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygQ

Score

8^/10

Malware Config

Targets

- Target
  
  cz3EfRwcgvveH.js
- Size
  
  345KB
- MD5
  
  35ce6e13e1f3b40f19dd2e7c2f4d8bda
- SHA1
  
  f314f524514b951d1c05c108c0ed7739c1d77331
- SHA256
  
  1e567b4015164976fee603e26a6bff005f1d0bee5c66f2b55c5a715d318a3699
- SHA512
  
  12b7779c9b55ae9a98b87015c092b1f9a2f27458c655d6cdadb08583f8b90a615be3fa637bd85c7d371702d14f96be0a88407748ac663294d168b61d42e02109
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbxVvALN5IAbghS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygQ
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2