General

  • Target

    docu_DF631_Jun_14.zip

  • Size

    22KB

  • Sample

    230614-qq8e1shf6w

  • MD5

    017d4bf10455d3a57c3b017c2411db16

  • SHA1

    99d08dd33da775549d6debc61c9055965f0e22fb

  • SHA256

    dfe99e49909839abaa99142b09b1e8eaf4d5ceb9e5880e75b045fc2c805c4f7e

  • SHA512

    5992200c2a071716622b0c50e119f4a7b3e14f27eb04fbd4a5d8a620c70f50fdfc26559550c8289d35f189b280c38b34197f1b280ee496917662fc13071f3d75

  • SSDEEP

    384:WfIIlFdUXwhFCQjpj3fIIlFdUXwhFCQjpjofIIlFdUXwhFCQjpjX:nI/PnCQjlwI/PnCQjl1I/PnCQjlX

Score
8/10

Malware Config

Targets

    • Target

      docu_DF631_Jun_14_1.js

    • Size

      22KB

    • MD5

      c6c69d731f0d8972ad9c949054fe3a61

    • SHA1

      c5d8530883a26074eea3bcaee046930710b70c53

    • SHA256

      b0deea498617139a91f4fa0c43645268d0cdb0e5e7c19f31957c4708b7675875

    • SHA512

      57f4220019e12d21a95fa4d1fc35cba6cf2f034c4663959c6b6dccbab93c9f5fd75f634aa6ef9e72e5ac1b11d11e28c4789bcfc9b6ccc1c8eacdc5529217ad49

    • SSDEEP

      384:IlxwNHnWmEwxhJyyzgZT7yOjOt4kmtd70Sft:IlxwtWpwM9yV2d

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      docu_DF631_Jun_14_2.js

    • Size

      22KB

    • MD5

      c6c69d731f0d8972ad9c949054fe3a61

    • SHA1

      c5d8530883a26074eea3bcaee046930710b70c53

    • SHA256

      b0deea498617139a91f4fa0c43645268d0cdb0e5e7c19f31957c4708b7675875

    • SHA512

      57f4220019e12d21a95fa4d1fc35cba6cf2f034c4663959c6b6dccbab93c9f5fd75f634aa6ef9e72e5ac1b11d11e28c4789bcfc9b6ccc1c8eacdc5529217ad49

    • SSDEEP

      384:IlxwNHnWmEwxhJyyzgZT7yOjOt4kmtd70Sft:IlxwtWpwM9yV2d

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      docu_DF631_Jun_14_3.js

    • Size

      22KB

    • MD5

      c6c69d731f0d8972ad9c949054fe3a61

    • SHA1

      c5d8530883a26074eea3bcaee046930710b70c53

    • SHA256

      b0deea498617139a91f4fa0c43645268d0cdb0e5e7c19f31957c4708b7675875

    • SHA512

      57f4220019e12d21a95fa4d1fc35cba6cf2f034c4663959c6b6dccbab93c9f5fd75f634aa6ef9e72e5ac1b11d11e28c4789bcfc9b6ccc1c8eacdc5529217ad49

    • SSDEEP

      384:IlxwNHnWmEwxhJyyzgZT7yOjOt4kmtd70Sft:IlxwtWpwM9yV2d

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
