b1595b2d7b5f357393635666a0ea12953b1b4120aacfb10b5d9b31d53935546a | Triage

Sharing

General

Target

16809191722972732343.js
Size

15KB
Sample

240726-jj8zmsvcpm
MD5

002c73bc923436229e3567c5c8e02f5d
SHA1

015114340497e712775695fb3d11b18765f8824c
SHA256

b1595b2d7b5f357393635666a0ea12953b1b4120aacfb10b5d9b31d53935546a
SHA512

a07055831de0ec321bacf94ba454ae45c87a4a06790f2badfc3743f2eba96bf2fb2c0bc6bf63a395c68ad56a51573c43720a2efb2818588727c3ad7abda522b4
SSDEEP

192:O1KvP37KSmYJt4aAivoRwIt4aAivoRVZyPPb1B:HvP3DNvoGUNvoLZyPPb3

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  16809191722972732343.js
- Size
  
  15KB
- MD5
  
  002c73bc923436229e3567c5c8e02f5d
- SHA1
  
  015114340497e712775695fb3d11b18765f8824c
- SHA256
  
  b1595b2d7b5f357393635666a0ea12953b1b4120aacfb10b5d9b31d53935546a
- SHA512
  
  a07055831de0ec321bacf94ba454ae45c87a4a06790f2badfc3743f2eba96bf2fb2c0bc6bf63a395c68ad56a51573c43720a2efb2818588727c3ad7abda522b4
- SSDEEP
  
  192:O1KvP37KSmYJt4aAivoRwIt4aAivoRVZyPPb1B:HvP3DNvoGUNvoLZyPPb3
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution