57868e0242c976965cdcb9cf7496dac7f85889ceb0663ef6bcba7233169749c7 | Triage

Sharing

General

Target

cqAO3SAUlM2hrT.js
Size

330KB
Sample

230614-lc2m4aff6v
MD5

8716df2ebf8121b3903b6fb420f315f4
SHA1

7ae2add6e8d9a6b030fb70b1955a22b31a694976
SHA256

57868e0242c976965cdcb9cf7496dac7f85889ceb0663ef6bcba7233169749c7
SHA512

66b79b2ded371ff050776495f5aee0292a429055e21b0a307ef06535c9e9c6141bc827a6e0bd4b0af13238d9e48f1f93e55bd5b362db4055064013093a355ae8
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbjeaAYUvKwD22XgGd661rPr1:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygA

Score

8^/10

Malware Config

Targets

- Target
  
  cqAO3SAUlM2hrT.js
- Size
  
  330KB
- MD5
  
  8716df2ebf8121b3903b6fb420f315f4
- SHA1
  
  7ae2add6e8d9a6b030fb70b1955a22b31a694976
- SHA256
  
  57868e0242c976965cdcb9cf7496dac7f85889ceb0663ef6bcba7233169749c7
- SHA512
  
  66b79b2ded371ff050776495f5aee0292a429055e21b0a307ef06535c9e9c6141bc827a6e0bd4b0af13238d9e48f1f93e55bd5b362db4055064013093a355ae8
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbjeaAYUvKwD22XgGd661rPr1:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygA
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2