3bda63a1f8c60521a0d35aa8c567de92bad4caa26a67b10f9c32a40f7498fb44 | Triage

Sharing

General

Target

PKDY2uSbGkVPn.js
Size

332KB
Sample

230614-jmj5paee95
MD5

c4c442f4b941e8a62edddaf47602eb94
SHA1

6fbd7b9d34b8f72a94a0ae08ba216587f3e09b0a
SHA256

3bda63a1f8c60521a0d35aa8c567de92bad4caa26a67b10f9c32a40f7498fb44
SHA512

b7971d8eab09579733bbf8fe021b0f488cd395d0f6f83e172c80d7fd25a89b9de6e596c39bbddb545d1ca3cb4c75c9b6db52f4ffa82edd20b7fdbc9fdf55ff2d
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbCa++0aVtiX1hS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/yg/

Score

8^/10

Malware Config

Targets

- Target
  
  PKDY2uSbGkVPn.js
- Size
  
  332KB
- MD5
  
  c4c442f4b941e8a62edddaf47602eb94
- SHA1
  
  6fbd7b9d34b8f72a94a0ae08ba216587f3e09b0a
- SHA256
  
  3bda63a1f8c60521a0d35aa8c567de92bad4caa26a67b10f9c32a40f7498fb44
- SHA512
  
  b7971d8eab09579733bbf8fe021b0f488cd395d0f6f83e172c80d7fd25a89b9de6e596c39bbddb545d1ca3cb4c75c9b6db52f4ffa82edd20b7fdbc9fdf55ff2d
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbCa++0aVtiX1hS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/yg/
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2