cea0787fe709eb7bd1f4572d915f64c70f3fb2d0467373885c3f452c7b7064f7 | Triage

Sharing

General

Target

a4Shj8mMCjLAS9.js
Size

366KB
Sample

230614-jge9jsed68
MD5

102c38ddb3bc1cae7fbf642676d7b94b
SHA1

894d9bf093eebe44c0ce219d22055ed7ab965453
SHA256

cea0787fe709eb7bd1f4572d915f64c70f3fb2d0467373885c3f452c7b7064f7
SHA512

fb08b0171456e7084979882794347c8dd9aece92c6d472866de9d4f3ff89e270753d20699bb970fa43299c049be142a4511f51058fdad49e4aabe02fd6a5cc58
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbse+N5odTxV/hS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygw

Score

8^/10

Malware Config

Targets

- Target
  
  a4Shj8mMCjLAS9.js
- Size
  
  366KB
- MD5
  
  102c38ddb3bc1cae7fbf642676d7b94b
- SHA1
  
  894d9bf093eebe44c0ce219d22055ed7ab965453
- SHA256
  
  cea0787fe709eb7bd1f4572d915f64c70f3fb2d0467373885c3f452c7b7064f7
- SHA512
  
  fb08b0171456e7084979882794347c8dd9aece92c6d472866de9d4f3ff89e270753d20699bb970fa43299c049be142a4511f51058fdad49e4aabe02fd6a5cc58
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbse+N5odTxV/hS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygw
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2