00b554f0e13ec289d51dec190f2264ca710f39318a74c8ee682b44ca499fea34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2887717567251933645.js
Size

17KB
Sample

240725-rzh26atfnl
MD5

49577829cbb0e6762aa1a60f963462be
SHA1

73d00642aeb1ed972181203dd19b10c0a2998bae
SHA256

00b554f0e13ec289d51dec190f2264ca710f39318a74c8ee682b44ca499fea34
SHA512

5232cfbce1f6b78de50e4e4498098c1bb89221d4c00d296f976f230f5c4a5a8ab975fbb390aa35c62f532a5a8a949138986374689b09cfa69c812d8f81d75c5d
SSDEEP

96:or+0G6InKtXyh9eDi3cBpcDUaAwHpt4LFlF6MvkiHwGmnFpMr3BTO:DeIKtweocBpcDUaruLFv6MvfyMO

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  2887717567251933645.js
- Size
  
  17KB
- MD5
  
  49577829cbb0e6762aa1a60f963462be
- SHA1
  
  73d00642aeb1ed972181203dd19b10c0a2998bae
- SHA256
  
  00b554f0e13ec289d51dec190f2264ca710f39318a74c8ee682b44ca499fea34
- SHA512
  
  5232cfbce1f6b78de50e4e4498098c1bb89221d4c00d296f976f230f5c4a5a8ab975fbb390aa35c62f532a5a8a949138986374689b09cfa69c812d8f81d75c5d
- SSDEEP
  
  96:or+0G6InKtXyh9eDi3cBpcDUaAwHpt4LFlF6MvkiHwGmnFpMr3BTO:DeIKtweocBpcDUaruLFv6MvfyMO
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution