8f929428a217ff296d65c32306eda42ed9b315bdbcb403bfcdfa02f897dbf926 | Triage

Sharing

General

Target

YtLn6Ctai99v.js
Size

347KB
Sample

230614-jg1kgsef3x
MD5

22eee5284f2009bf4e42338f3de7fde3
SHA1

778a5678cec8d79e61019a9cc7f68a72ea49103e
SHA256

8f929428a217ff296d65c32306eda42ed9b315bdbcb403bfcdfa02f897dbf926
SHA512

10a10f35ab0d943b099caecfeac63a07396108b2f4b6b7b4640d05a729dd647a5beb99d457941a5232c4180fea9183af6e32d1a5df64b0fe8aaff03ac7130499
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRb0U4+N61AilghS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/yg4

Score

8^/10

Malware Config

Targets

- Target
  
  YtLn6Ctai99v.js
- Size
  
  347KB
- MD5
  
  22eee5284f2009bf4e42338f3de7fde3
- SHA1
  
  778a5678cec8d79e61019a9cc7f68a72ea49103e
- SHA256
  
  8f929428a217ff296d65c32306eda42ed9b315bdbcb403bfcdfa02f897dbf926
- SHA512
  
  10a10f35ab0d943b099caecfeac63a07396108b2f4b6b7b4640d05a729dd647a5beb99d457941a5232c4180fea9183af6e32d1a5df64b0fe8aaff03ac7130499
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRb0U4+N61AilghS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/yg4
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2