General

  • Target

    Notice.js

  • Size

    4KB

  • Sample

    231013-yyt7csfh81

  • MD5

    5a7d1f3feffa16ebe0b0f9bb122c6571

  • SHA1

    eaa972c32a565be952b411758238ee98b057da21

  • SHA256

    3fd82a5c67ff343a9e4eee7b8d69a895cd7fb12f993bd489a9b0d33b84eecd7d

  • SHA512

    aa3fb6fff2f213a69eb8da40ca31018bacffb43743f7b0212e4dac96bf91ddacd2a034dd0cc6841304af733c0f2bc9bc0c0755badf51bf5e4cb60d9c9a9e1cf8

  • SSDEEP

    96:ZgFNKEWFXT74Q7kv6N47Ube21NJftaRvS216aKbXxz:gYXFXT7N7Y6K7SR1HfIvS216aKbXxz

Score
10/10

Malware Config

Targets

    • Target

      Notice.js

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

Tasks