beab87ba1bfcfe7ecd51c5588f656e462eb534d5535d08a0af649f4eed3b83b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31102023_1855_Temporibusqc.zip
Size

72KB
Sample

231031-m1lr8afe9y
MD5

2fe95b5e16ac6b641ba31395c836347a
SHA1

1febe6b3a0a53e92c5972091d2f60e27a9b2abb3
SHA256

beab87ba1bfcfe7ecd51c5588f656e462eb534d5535d08a0af649f4eed3b83b9
SHA512

2dde8576dbaa6aca31d07ba3e5bb1488c6fd985eda72738d7cbf7e1e6f90caa0b2fd11d6d3f625c7e7fec7d34bbbdf0a0719c868faf7bc5be1c1575779cad9da
SSDEEP

1536:An0Ru/v0NssqFT9AZqgUj+HLqqXCrBUyYQ1c1m39cqF4cwmc:60pmFT9AZqgabqyr6yYQ1c1ITGZJ

Score

8^/10

Malware Config

Targets

- Target
  
  Temporibusqc.js
- Size
  
  110KB
- MD5
  
  9b42851e37924ab339a49bf2e640e4b5
- SHA1
  
  3735ec8dcc686ab6169ae59c7b60673b27a9ffaa
- SHA256
  
  ea86f191012d90b033ac5969ec1484bdaaed82289ff9237f7e3d5fd6f06a36e0
- SHA512
  
  5b07b25862f699d465624bddf307942c2a310d7f5d253012452215a113a25452b00dd0b7c618e67690e8c78eb6dbbd5dafe7ee64ee2ff52306699dd1a3b7f197
- SSDEEP
  
  1536:7PwVP7Ofolzok2TSWnIvi+5UDlp1Us6jvb/3Q0:7EOn/nIa+WD6jvb/3j
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2