Overview

overview

10

Static

static

1

523b7eee7d..._JC.js

windows7-x64

10

523b7eee7d..._JC.js

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    523b7eee7d8dc641bf2a9675621b82b3934f222a5ad73746416d333bea7132fa_JC.js

  • Size

    462KB

  • Sample

    231011-rffspacb2x

  • MD5

    1074a625d6897ffc3776404e964530ae

  • SHA1

    a08400c7e727823abfbf5c98c20daccfad67b682

  • SHA256

    523b7eee7d8dc641bf2a9675621b82b3934f222a5ad73746416d333bea7132fa

  • SHA512

    7d636e3fc278f1487f4e7b9c134c29d509bf7874a99d079e5b2bae8fea079ee1915581527a75d3c62cb837322f7303b4722628bc2434d121fb1b4f37bf99ae21

  • SSDEEP

    12288:HiZZZZ7iZZZZ7iZZZZ7iZZZZdiZZZZ7iZZZZ7iZZZZ7iZZZZ7iZZZZ7iZZZZ7iZ7:i

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/611/936/original/new_image_rump_js.jpg?1695057372
exe.dropper

https://uploaddeimagens.com.br/images/004/611/936/original/new_image_rump_js.jpg?1695057372

Targets

    • Target

      523b7eee7d8dc641bf2a9675621b82b3934f222a5ad73746416d333bea7132fa_JC.js

    • Size

      462KB

    • MD5

      1074a625d6897ffc3776404e964530ae

    • SHA1

      a08400c7e727823abfbf5c98c20daccfad67b682

    • SHA256

      523b7eee7d8dc641bf2a9675621b82b3934f222a5ad73746416d333bea7132fa

    • SHA512

      7d636e3fc278f1487f4e7b9c134c29d509bf7874a99d079e5b2bae8fea079ee1915581527a75d3c62cb837322f7303b4722628bc2434d121fb1b4f37bf99ae21

    • SSDEEP

      12288:HiZZZZ7iZZZZ7iZZZZ7iZZZZdiZZZZ7iZZZZ7iZZZZ7iZZZZ7iZZZZ7iZZZZ7iZ7:i

    Score
    10/10

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks