9230432b182ab7a828d024bca43c80fc0a3161d579932fd403ebb0c441309fae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

E-6.js
Size

413KB
Sample

231016-rfycqsgd7z
MD5

f33aa5fde88b857beecddbaf7b458462
SHA1

714f52910b5ad25f4367620f5080c1d296fc5fe8
SHA256

9230432b182ab7a828d024bca43c80fc0a3161d579932fd403ebb0c441309fae
SHA512

128a2eea881a1282d9c288f3ad2d174047379f6314f6b900b818016a7816e60828b2e7866a5b911642e41e1e6b1d2d83c106bb0053366581677c5f70d7336a31
SSDEEP

6144:hj38P9IwPaHP79bvi5u9r9pMrSxykQ+/weOMymjSXdxED3wNnQq:9OB+mNXdxE0Nn7

Score

8^/10

Malware Config

Targets

- Target
  
  E-6.js
- Size
  
  413KB
- MD5
  
  f33aa5fde88b857beecddbaf7b458462
- SHA1
  
  714f52910b5ad25f4367620f5080c1d296fc5fe8
- SHA256
  
  9230432b182ab7a828d024bca43c80fc0a3161d579932fd403ebb0c441309fae
- SHA512
  
  128a2eea881a1282d9c288f3ad2d174047379f6314f6b900b818016a7816e60828b2e7866a5b911642e41e1e6b1d2d83c106bb0053366581677c5f70d7336a31
- SSDEEP
  
  6144:hj38P9IwPaHP79bvi5u9r9pMrSxykQ+/weOMymjSXdxED3wNnQq:9OB+mNXdxE0Nn7
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2