fad25892e5179a346cdbdbba1e40f53bd6366806d32b57fa4d7946ebe9ae8621 | Triage

Sharing

General

Target

out_bdrts.js
Size

835KB
Sample

240404-v1chjsde6w
MD5

50c9e63975fb626c2448aaaf193ca6aa
SHA1

1df86a1625b0fddd885e8763f416948d8e3863b5
SHA256

fad25892e5179a346cdbdbba1e40f53bd6366806d32b57fa4d7946ebe9ae8621
SHA512

c39e008815dad51cd714791ac4d9d227eaf3374a32db94d5f1e2f38882251b0c72599d8fe413730be924c7f2f9106891eb16c1766176806955b9e28b945bd667
SSDEEP

24576:CSiXCh4grhRFR+ZlrpEv9eYBWL5Ut2pW9:CSiXo4Eh5Ilqv9eaOUt2pW9

Score

10^/10

Malware Config

Targets

- Target
  
  out_bdrts.js
- Size
  
  835KB
- MD5
  
  50c9e63975fb626c2448aaaf193ca6aa
- SHA1
  
  1df86a1625b0fddd885e8763f416948d8e3863b5
- SHA256
  
  fad25892e5179a346cdbdbba1e40f53bd6366806d32b57fa4d7946ebe9ae8621
- SHA512
  
  c39e008815dad51cd714791ac4d9d227eaf3374a32db94d5f1e2f38882251b0c72599d8fe413730be924c7f2f9106891eb16c1766176806955b9e28b945bd667
- SSDEEP
  
  24576:CSiXCh4grhRFR+ZlrpEv9eYBWL5Ut2pW9:CSiXo4Eh5Ilqv9eaOUt2pW9
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2