d2e87651dc0c179ba1499e7c19fcbd66656ac2c12aa0b92407f3caf522aff317 | Triage

Sharing

General

Target

d2e87651dc0c179ba1499e7c19fcbd66656ac2c12aa0b92407f3caf522aff317.js
Size

10KB
Sample

240726-gxdpjs1blk
MD5

4c86f505b9bbf9f1160775301b2b4deb
SHA1

50828d49833408f61bb7fbc73a58f69035bc7e64
SHA256

d2e87651dc0c179ba1499e7c19fcbd66656ac2c12aa0b92407f3caf522aff317
SHA512

2dce4e5c05d4322e03189b9dcf26472feaee1b4c16b78e6f0f5ddd65dc47dc269f4cc0dcf34abf35dffa890c6bc084d7d6dfa02e131e6b838faef01863d925b3
SSDEEP

192:PL2ieWetI63PthDnOTXZPGmYe5WWbL4Ld4YzPtbxKxBl83ZDQWzPtbxKxBl83ZzS:PL2vWAI63jSXAVeUiL4Ld4YzPtbxKxBF

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  d2e87651dc0c179ba1499e7c19fcbd66656ac2c12aa0b92407f3caf522aff317.js
- Size
  
  10KB
- MD5
  
  4c86f505b9bbf9f1160775301b2b4deb
- SHA1
  
  50828d49833408f61bb7fbc73a58f69035bc7e64
- SHA256
  
  d2e87651dc0c179ba1499e7c19fcbd66656ac2c12aa0b92407f3caf522aff317
- SHA512
  
  2dce4e5c05d4322e03189b9dcf26472feaee1b4c16b78e6f0f5ddd65dc47dc269f4cc0dcf34abf35dffa890c6bc084d7d6dfa02e131e6b838faef01863d925b3
- SSDEEP
  
  192:PL2ieWetI63PthDnOTXZPGmYe5WWbL4Ld4YzPtbxKxBl83ZDQWzPtbxKxBl83ZzS:PL2vWAI63jSXAVeUiL4Ld4YzPtbxKxBF
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution