33db051325f4db54cf2f56d74014a4dfc198d1ac82fa029c69c028076c3cc33a | Triage

Sharing

General

Target

NlEyVR9lY1Wr.js
Size

340KB
Sample

230614-jn3neseg6x
MD5

655b983f80ab28e3f278b553b79d17b7
SHA1

465c6b22501a209da528c0630d78b8f86bf463bd
SHA256

33db051325f4db54cf2f56d74014a4dfc198d1ac82fa029c69c028076c3cc33a
SHA512

a81314f588b4de0e7d5015a10ab8f353581fb90b463d7db35a6ed3583e2f5660dc91fa76743a61dea6068a390e64b438d17f378e067ad68c8a854b1c387395f1
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRb87X9rthS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygD

Score

8^/10

Malware Config

Targets

- Target
  
  NlEyVR9lY1Wr.js
- Size
  
  340KB
- MD5
  
  655b983f80ab28e3f278b553b79d17b7
- SHA1
  
  465c6b22501a209da528c0630d78b8f86bf463bd
- SHA256
  
  33db051325f4db54cf2f56d74014a4dfc198d1ac82fa029c69c028076c3cc33a
- SHA512
  
  a81314f588b4de0e7d5015a10ab8f353581fb90b463d7db35a6ed3583e2f5660dc91fa76743a61dea6068a390e64b438d17f378e067ad68c8a854b1c387395f1
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRb87X9rthS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygD
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2