ccca70bc38f9c4f8832482f515ab6bb37f2d6fc7e459cb5114768bf05f378f96 | Triage

Sharing

General

Target

UyVdZNG1VBF0.js
Size

316KB
Sample

230614-jjqhasef7s
MD5

85b1eea64d1e3db9bb31b7f05eb37809
SHA1

50addb112aeec08c2a523f90982df922f7f85261
SHA256

ccca70bc38f9c4f8832482f515ab6bb37f2d6fc7e459cb5114768bf05f378f96
SHA512

10efb88b4654d4433980be2b8f6afa4911ec0bde88365fd1ac14fbd53b00248dc5661f6b039aa62c74c87b8056255651a8d620bc984f1afab6f1493d8f14204f
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbv1Uap6Fa0nj/HAj0vhS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygL

Score

8^/10

Malware Config

Targets

- Target
  
  UyVdZNG1VBF0.js
- Size
  
  316KB
- MD5
  
  85b1eea64d1e3db9bb31b7f05eb37809
- SHA1
  
  50addb112aeec08c2a523f90982df922f7f85261
- SHA256
  
  ccca70bc38f9c4f8832482f515ab6bb37f2d6fc7e459cb5114768bf05f378f96
- SHA512
  
  10efb88b4654d4433980be2b8f6afa4911ec0bde88365fd1ac14fbd53b00248dc5661f6b039aa62c74c87b8056255651a8d620bc984f1afab6f1493d8f14204f
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbv1Uap6Fa0nj/HAj0vhS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygL
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2