52b61960257859701292ee8a17c51f355b7c22718721ee2e02cb117e16e617e4

General

Target

52b61960257859701292ee8a17c51f355b7c22718721ee2e02cb117e16e617e4_JC.js
Size

470KB
Sample

231012-pgc23sbh54
MD5

0e5ed09b3b7c91463dd4f068b5e3dd81
SHA1

a4d2f2ed40355923422224a3f7c80a7f7c6707e6
SHA256

52b61960257859701292ee8a17c51f355b7c22718721ee2e02cb117e16e617e4
SHA512

e2484891e0948369b7c8afb2b22af615ad67ab03fdab7353810d2876b1b882ae461e856751681a0f4134e6adf4d424e507863235955cf1e38eaeca0f624d915e
SSDEEP

12288:DA3333cA3333cA3333cA3333J17A3333cA3333cA3333cA3333cA3333cA3333cc:DA3333cA3333cA3333cA33333A3333ck

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

ps1.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

exe.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

Targets

- Target
  
  52b61960257859701292ee8a17c51f355b7c22718721ee2e02cb117e16e617e4_JC.js
- Size
  
  470KB
- MD5
  
  0e5ed09b3b7c91463dd4f068b5e3dd81
- SHA1
  
  a4d2f2ed40355923422224a3f7c80a7f7c6707e6
- SHA256
  
  52b61960257859701292ee8a17c51f355b7c22718721ee2e02cb117e16e617e4
- SHA512
  
  e2484891e0948369b7c8afb2b22af615ad67ab03fdab7353810d2876b1b882ae461e856751681a0f4134e6adf4d424e507863235955cf1e38eaeca0f624d915e
- SSDEEP
  
  12288:DA3333cA3333cA3333cA3333J17A3333cA3333cA3333cA3333cA3333cA3333cc:DA3333cA3333cA3333cA33333A3333ck
Score

10^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

Checks computer location settings

Drops startup file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2