d70dc6b5c457e47c358f2fa3901792f75572c395dbcc7b782500c9b94570f32e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6daba2792bd104ad4a113f51c5ac9b75feec3eec99bfeafa9c875dd54ff3ba4.zip
Size

1KB
Sample

231128-g1191sff75
MD5

94e8d8881300340e5a895171effdccc7
SHA1

fe0b95ac7fa7e020d399a4a62b85c796ad7db1dd
SHA256

d70dc6b5c457e47c358f2fa3901792f75572c395dbcc7b782500c9b94570f32e
SHA512

a97ed261b2d586cb286bfad4056c87c463899ed5d0aa66d7e6074d64e645f20a2be5f534a55f794ba6bc21a31f42d1fcbc99dcbe0c4f2ae8b80abef7d31d3b1c

Score

8^/10

Malware Config

Targets

- Target
  
  b6daba2792bd104ad4a113f51c5ac9b75feec3eec99bfeafa9c875dd54ff3ba4.js
- Size
  
  2KB
- MD5
  
  70e1519d6d0b7cbd717386f636d80619
- SHA1
  
  318075e9ae7b4d5485b0870d9f4718b58a826c54
- SHA256
  
  b6daba2792bd104ad4a113f51c5ac9b75feec3eec99bfeafa9c875dd54ff3ba4
- SHA512
  
  6cd127662523b625d2a4932a1668c1575e922b343d38f5ef76eac67f0f41a77ae5ed90680919a282ed3188ab3c4c30ee476e6afccda3481005969d97c7a9a7fa
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2