ed7737992ecec4d21b6ff16c541d6cbcfe9e8b6de6c6e88349b0955e7d8deb09 | Triage

Sharing

General

Target

2167027638826929472.js
Size

10KB
Sample

240725-vahlwavhme
MD5

88437a047b77a324b3e9876cdb211e6b
SHA1

f65c026c697aec792b025322b918db68742a5555
SHA256

ed7737992ecec4d21b6ff16c541d6cbcfe9e8b6de6c6e88349b0955e7d8deb09
SHA512

f1de5912e050e77d066b9d275715fc426f9de0aa3055b184a16bf3782a6c2283bbd082ec2e34f1965b8a5fbcc57df67509bde9d1b4effa6461c1952dd5d3811e
SSDEEP

192:KA9u/yYTxCbrDpESnyOrTfCsE+6382Ixs5bageoyOqPMPSeV+1ez9+hvJHxHvm+d:r3

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  2167027638826929472.js
- Size
  
  10KB
- MD5
  
  88437a047b77a324b3e9876cdb211e6b
- SHA1
  
  f65c026c697aec792b025322b918db68742a5555
- SHA256
  
  ed7737992ecec4d21b6ff16c541d6cbcfe9e8b6de6c6e88349b0955e7d8deb09
- SHA512
  
  f1de5912e050e77d066b9d275715fc426f9de0aa3055b184a16bf3782a6c2283bbd082ec2e34f1965b8a5fbcc57df67509bde9d1b4effa6461c1952dd5d3811e
- SSDEEP
  
  192:KA9u/yYTxCbrDpESnyOrTfCsE+6382Ixs5bageoyOqPMPSeV+1ez9+hvJHxHvm+d:r3
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution