67fd74add9de8de8b4006ee023cd9afe78c913cfac176bf9664de8a90fc1ac4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

E-43.js
Size

412KB
Sample

231016-tdcdlahh8s
MD5

bffb3845c209778f2a9daa3f985f2c87
SHA1

2eda4e6246f9dcb28b7886d9731a478d818884d7
SHA256

67fd74add9de8de8b4006ee023cd9afe78c913cfac176bf9664de8a90fc1ac4f
SHA512

2bb45741bd75545228393d0faf65b423efbfcb249daa83a139cb25aa8955569a52af032f6fb1151386fb9aef23caa7161c5a0819bbde1df0599c963bee590eed
SSDEEP

6144:ij38P9IwPaHP79bvi5u9r9pMrSXy9kl3BgW3JmcvFK1JdxEDLQTAs0:Iw+ZncjdxEITAF

Score

8^/10

Malware Config

Targets

- Target
  
  E-43.js
- Size
  
  412KB
- MD5
  
  bffb3845c209778f2a9daa3f985f2c87
- SHA1
  
  2eda4e6246f9dcb28b7886d9731a478d818884d7
- SHA256
  
  67fd74add9de8de8b4006ee023cd9afe78c913cfac176bf9664de8a90fc1ac4f
- SHA512
  
  2bb45741bd75545228393d0faf65b423efbfcb249daa83a139cb25aa8955569a52af032f6fb1151386fb9aef23caa7161c5a0819bbde1df0599c963bee590eed
- SSDEEP
  
  6144:ij38P9IwPaHP79bvi5u9r9pMrSXy9kl3BgW3JmcvFK1JdxEDLQTAs0:Iw+ZncjdxEITAF
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2