fde9e1b26fac0cd9bcbc4c6422245d1e37ca2f77b9f542d7701ffa1cea91744e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fde9e1b26fac0cd9bcbc4c6422245d1e37ca2f77b9f542d7701ffa1cea91744e
Size

11KB
Sample

240818-xx7kmazbrc
MD5

2b3c7d7e8682f16d4ee6a842d5060ec1
SHA1

0544bda14e7a27da2d4e76476114e28fa982d45d
SHA256

fde9e1b26fac0cd9bcbc4c6422245d1e37ca2f77b9f542d7701ffa1cea91744e
SHA512

b486bc9fedfcc3b3663be913dcc8bfede9e4d1708e3d089f03de29fd8496faa91c78955d2ebd1e57ea9352355c93a05ee7fa51f0257b07e8189ebadba31d3c1e
SSDEEP

192:XmDGrblQZCHAl5LBV09z7ghqk5ShqvbCi:XmiOCy5sgbt

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  fde9e1b26fac0cd9bcbc4c6422245d1e37ca2f77b9f542d7701ffa1cea91744e
- Size
  
  11KB
- MD5
  
  2b3c7d7e8682f16d4ee6a842d5060ec1
- SHA1
  
  0544bda14e7a27da2d4e76476114e28fa982d45d
- SHA256
  
  fde9e1b26fac0cd9bcbc4c6422245d1e37ca2f77b9f542d7701ffa1cea91744e
- SHA512
  
  b486bc9fedfcc3b3663be913dcc8bfede9e4d1708e3d089f03de29fd8496faa91c78955d2ebd1e57ea9352355c93a05ee7fa51f0257b07e8189ebadba31d3c1e
- SSDEEP
  
  192:XmDGrblQZCHAl5LBV09z7ghqk5ShqvbCi:XmiOCy5sgbt
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution