dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

jquery-3.3...min.js

windows7-x64

1

jquery-3.3...min.js

windows10-2004-x64

7

Sharing

General

Target

jquery-3.3.1.slim.min.js
Size

68KB
Sample

231005-2n6n7ahg28
MD5

99b0a83cf1b0b1e2cb16041520e87641
SHA1

bc5836992c0b260496ba520fe1336d499bf06eb7
SHA256

dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
SHA512

33ea8c2353c745c61c3a927378995a59b555c76249c8f23065ab3ca2bedd73decb64ea248ef6e97d1c729a156d9492f28e2177c06cabd0524e0380cb38d2d52f
SSDEEP

1536:hLiMgk2gULYoXUmZx6+VWNL0kC8W90qU9JR7hDqEDqWSNB1gZFy/HG+FP:I8w0qU9JTtH3aP

Score

7^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

jquery-3.3.1.slim.min.js

Resource

win7-20230831-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

jquery-3.3.1.slim.min.js

Resource

win10v2004-20230915-en

discovery persistence

windows10-2004-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  jquery-3.3.1.slim.min.js
- Size
  
  68KB
- MD5
  
  99b0a83cf1b0b1e2cb16041520e87641
- SHA1
  
  bc5836992c0b260496ba520fe1336d499bf06eb7
- SHA256
  
  dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
- SHA512
  
  33ea8c2353c745c61c3a927378995a59b555c76249c8f23065ab3ca2bedd73decb64ea248ef6e97d1c729a156d9492f28e2177c06cabd0524e0380cb38d2d52f
- SSDEEP
  
  1536:hLiMgk2gULYoXUmZx6+VWNL0kC8W90qU9JR7hDqEDqWSNB1gZFy/HG+FP:I8w0qU9JTtH3aP
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence

© 2018-2025

Terms | Privacy