04504bbba50d1fc1b895c7574d5e99a831c5fe1b7f8d2b7512c27fc712832b25 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04504bbba50d1fc1b895c7574d5e99a831c5fe1b7f8d2b7512c27fc712832b25.js
Size

10KB
Sample

240820-rntphswfrg
MD5

5d1766827133161fa164095c1e161c8e
SHA1

a4a9a92db17551fc0e7396627d6c8724fd474e62
SHA256

04504bbba50d1fc1b895c7574d5e99a831c5fe1b7f8d2b7512c27fc712832b25
SHA512

17fc2f2ffc5fb38d4cd3cc82a2f68da9d7f8f3269590d3c8ce8cbebc47619f19f293c66332ef83615d41215612ef8481f6f7fe7935360ae6d9c92d9d25e3ac1c
SSDEEP

96:/U9fW8eJ0Crux4D62s/3+4nvx40FZxVCxT5ZxVne2:89deVq4D62M3+QpQtRe2

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  04504bbba50d1fc1b895c7574d5e99a831c5fe1b7f8d2b7512c27fc712832b25.js
- Size
  
  10KB
- MD5
  
  5d1766827133161fa164095c1e161c8e
- SHA1
  
  a4a9a92db17551fc0e7396627d6c8724fd474e62
- SHA256
  
  04504bbba50d1fc1b895c7574d5e99a831c5fe1b7f8d2b7512c27fc712832b25
- SHA512
  
  17fc2f2ffc5fb38d4cd3cc82a2f68da9d7f8f3269590d3c8ce8cbebc47619f19f293c66332ef83615d41215612ef8481f6f7fe7935360ae6d9c92d9d25e3ac1c
- SSDEEP
  
  96:/U9fW8eJ0Crux4D62s/3+4nvx40FZxVCxT5ZxVne2:89deVq4D62M3+QpQtRe2
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution