General

  • Target

    8a1f1bc7ba070f6f3262f56ce922bd6a

  • Size

    132KB

  • Sample

    240202-v5damsdfcr

  • MD5

    8a1f1bc7ba070f6f3262f56ce922bd6a

  • SHA1

    f8a91fc10a9af19ac60dd3e8f88f92a7cea7de13

  • SHA256

    65d35bae5f3e75f034b2b45b0165c1609ca936ad6781c8030b7f017c482b5c86

  • SHA512

    61bb12a24d364cbd84a1ceb09a97718282e7706ad67154765f5e0c9b85f65c67b6ca88659685af80c72899c0c9c0309652878159a5863de18eae2bfc5755dbbc

  • SSDEEP

    3072:0XtbL06VLNFAjWWFFVU5qRHWniD3XgwB75Rr8GBoabGrwfn5LZft08zUBE:0Xt/0D55zWaF5LZF05O

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated

  • URLs

    ps1.dropper

    https://jolantagraban.pl/log/57843441668980/dll/assistant.php

Targets

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
