b3bf77eee60da0c645ab08e8e28e68d1a8d6c56177b0a941b98facd81a68ea49 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1424712163573931533.js
Size

17KB
Sample

240726-mt1msswgma
MD5

cbd71041423e69fe21a7d32d7ae2b9c0
SHA1

4ebee9f53bfced0de0c6e3bbaba64038329972f5
SHA256

b3bf77eee60da0c645ab08e8e28e68d1a8d6c56177b0a941b98facd81a68ea49
SHA512

ba8531e9cd77e97e8945fd96c2354a65fbcb11ebe3fb9db4c96b93c5f5d570b724eea3aca2eaae4b8e745da18567dbe84f66f011cad583ccfb5e80cae0dea738
SSDEEP

384:PBe3M8VXnwvXnmX8X9x2pMxAgTIkZZjyT1+kOE:PBecQXwvX9UCAYIkZZGTV

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  1424712163573931533.js
- Size
  
  17KB
- MD5
  
  cbd71041423e69fe21a7d32d7ae2b9c0
- SHA1
  
  4ebee9f53bfced0de0c6e3bbaba64038329972f5
- SHA256
  
  b3bf77eee60da0c645ab08e8e28e68d1a8d6c56177b0a941b98facd81a68ea49
- SHA512
  
  ba8531e9cd77e97e8945fd96c2354a65fbcb11ebe3fb9db4c96b93c5f5d570b724eea3aca2eaae4b8e745da18567dbe84f66f011cad583ccfb5e80cae0dea738
- SSDEEP
  
  384:PBe3M8VXnwvXnmX8X9x2pMxAgTIkZZjyT1+kOE:PBecQXwvX9UCAYIkZZGTV
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution