905bac0b46cc365de77d8e95975d110cf40dbeee2275fd987a203325be4733c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

732621101735828027.js
Size

17KB
Sample

240724-hr8heatcrk
MD5

ee1fc1fcca6971b6b7ea4c5f73565cd1
SHA1

9819500d67f46ebff07d5535f5cbf6ef5cf077e0
SHA256

905bac0b46cc365de77d8e95975d110cf40dbeee2275fd987a203325be4733c0
SHA512

316544ba65092b7f64bc96f2740a0ce5924a492fd7a5408d6e13eb67a117b45432ea27370da07aaf46b339831795ab7f983647c959b71447f99575b685cfdb27
SSDEEP

192:9k4M2TNunOnrlaFjUuWvoguuFaN6SmLwwsxaJ5oaHzO9QzGUQNBze:9k47NUirZfjBrW5EM10

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  732621101735828027.js
- Size
  
  17KB
- MD5
  
  ee1fc1fcca6971b6b7ea4c5f73565cd1
- SHA1
  
  9819500d67f46ebff07d5535f5cbf6ef5cf077e0
- SHA256
  
  905bac0b46cc365de77d8e95975d110cf40dbeee2275fd987a203325be4733c0
- SHA512
  
  316544ba65092b7f64bc96f2740a0ce5924a492fd7a5408d6e13eb67a117b45432ea27370da07aaf46b339831795ab7f983647c959b71447f99575b685cfdb27
- SSDEEP
  
  192:9k4M2TNunOnrlaFjUuWvoguuFaN6SmLwwsxaJ5oaHzO9QzGUQNBze:9k47NUirZfjBrW5EM10
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution