dfcad15cbe8bff713314959ad68cf7b5cbc2c50fb7ab1cd331ca88507893f323 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

oU9jY5oNkYj5.js
Size

289KB
Sample

230615-hekwkseh7y
MD5

44cf31718cc520e24aa752ab4e873260
SHA1

e277355ca4d5f114e961273a63295bb297230dcc
SHA256

dfcad15cbe8bff713314959ad68cf7b5cbc2c50fb7ab1cd331ca88507893f323
SHA512

be8b75471799aa8f287acf615a87d0745b049333a2612f4bdd3f129bdaa6223621ee218ac6ff27bd078fa0e832535761699102b9b4898d3d118a47b8aaffb7d8
SSDEEP

6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbHFvb+sAVyCUd6hS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygp

Score

8^/10

Malware Config

Targets

- Target
  
  oU9jY5oNkYj5.js
- Size
  
  289KB
- MD5
  
  44cf31718cc520e24aa752ab4e873260
- SHA1
  
  e277355ca4d5f114e961273a63295bb297230dcc
- SHA256
  
  dfcad15cbe8bff713314959ad68cf7b5cbc2c50fb7ab1cd331ca88507893f323
- SHA512
  
  be8b75471799aa8f287acf615a87d0745b049333a2612f4bdd3f129bdaa6223621ee218ac6ff27bd078fa0e832535761699102b9b4898d3d118a47b8aaffb7d8
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbHFvb+sAVyCUd6hS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygp
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2