92506fe773db7472e7782dbb5403548323e65a9eb2e4c15f9ac65ee6c4bd908b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Inv_Scan_06_15(72).js
Size

797KB
Sample

230615-3svm6abh24
MD5

5f67a2c149401addd1224a4f1c191d07
SHA1

d0a229b6d14fd3c32c8f696b97717b86644c1b6b
SHA256

92506fe773db7472e7782dbb5403548323e65a9eb2e4c15f9ac65ee6c4bd908b
SHA512

7a68e3057abdbe9892b6217ed1ed9a39fd63811446e16ab5e3056ac6c0ce08a15b9052c1288dc6f0af72939112fdf02cf2999749d665a91ec4ecf1aeae8ac21f
SSDEEP

24576:Gpt/GAh0WbGhCxS2f1Tyj53rpeMnaEEfutJAFMMGDhRvu4nMJUTe1ka6MdF2lXSh:Aw7WbGhCxS2f1Tyj53rpeMnaE6utJAFF

Score

8^/10

Malware Config

Targets

- Target
  
  Inv_Scan_06_15(72).js
- Size
  
  797KB
- MD5
  
  5f67a2c149401addd1224a4f1c191d07
- SHA1
  
  d0a229b6d14fd3c32c8f696b97717b86644c1b6b
- SHA256
  
  92506fe773db7472e7782dbb5403548323e65a9eb2e4c15f9ac65ee6c4bd908b
- SHA512
  
  7a68e3057abdbe9892b6217ed1ed9a39fd63811446e16ab5e3056ac6c0ce08a15b9052c1288dc6f0af72939112fdf02cf2999749d665a91ec4ecf1aeae8ac21f
- SSDEEP
  
  24576:Gpt/GAh0WbGhCxS2f1Tyj53rpeMnaEEfutJAFMMGDhRvu4nMJUTe1ka6MdF2lXSh:Aw7WbGhCxS2f1Tyj53rpeMnaE6utJAFF
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2