61031e9a81c269a9e1c12a90a3cb6faa3a99cb6bd91871d11fc2d42818a2e090 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61031e9a81c269a9e1c12a90a3cb6faa3a99cb6bd91871d11fc2d42818a2e090.js
Size

9KB
Sample

240726-dzv5tsxamh
MD5

1cee47bb571a8fdc64209ce712d9a007
SHA1

a15108f169721db03d6c0299cd9135365a7fbefc
SHA256

61031e9a81c269a9e1c12a90a3cb6faa3a99cb6bd91871d11fc2d42818a2e090
SHA512

c19385cb3e118df561a8eaef6ea69e6598a1784ab949c882513223ae2a790361d5a580ba5f58b950b26d2669c4901ff11e213b8d6ef671e105e974523e3218b1
SSDEEP

192:xP+XtagJgs9eYqHvl4OnzINQDn6DDqe3nxqL7qe0HLblpq71MEl6q5MEl6W44jyO:QXtagWs9eYqPl4OnzINQDn6DDqe3nxqf

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  61031e9a81c269a9e1c12a90a3cb6faa3a99cb6bd91871d11fc2d42818a2e090.js
- Size
  
  9KB
- MD5
  
  1cee47bb571a8fdc64209ce712d9a007
- SHA1
  
  a15108f169721db03d6c0299cd9135365a7fbefc
- SHA256
  
  61031e9a81c269a9e1c12a90a3cb6faa3a99cb6bd91871d11fc2d42818a2e090
- SHA512
  
  c19385cb3e118df561a8eaef6ea69e6598a1784ab949c882513223ae2a790361d5a580ba5f58b950b26d2669c4901ff11e213b8d6ef671e105e974523e3218b1
- SSDEEP
  
  192:xP+XtagJgs9eYqHvl4OnzINQDn6DDqe3nxqL7qe0HLblpq71MEl6q5MEl6W44jyO:QXtagWs9eYqPl4OnzINQDn6DDqe3nxqf
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution