General

  • Target

    file.js

  • Size

    922B

  • Sample

    240607-t35rfabb5v

  • MD5

    37642557f26d3c292c58a65e8851b011

  • SHA1

    f7b5c96303aeb1174d0860c0a99f4a6241112af4

  • SHA256

    67d5991928a372f5f4b6e0628177bcf922d4eb083a927f293a81e8c702cf533b

  • SHA512

    95f8dc10d6a0d01fe5ef26cc245b58b0777a276c7d6b819a3f7abe388f7a04ed3c59d81797cec14b0d71965a0d2d8144f5d0ea922a2ef115e24d5ec3da255345

Score
7/10

Targets

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
