089a69e20ba8e77bd6cbd1ba40f9a8754be2479ee18e0e22af2f502e9c7f07b4 | Triage

Sharing

General

Target

089a69e20ba8e77bd6cbd1ba40f9a8754be2479ee18e0e22af2f502e9c7f07b4.js
Size

10KB
Sample

240820-rpy1ma1ajq
MD5

a96dfb5126b998be551e5731d0019049
SHA1

a85b1edbb0642d4a4062374438b5996547570259
SHA256

089a69e20ba8e77bd6cbd1ba40f9a8754be2479ee18e0e22af2f502e9c7f07b4
SHA512

325ffa48bd726409512a6b14f2c95309adbe89b9fa5345a32060f4e53e5eefe000071a7c0de82f6274910108f51c6c86a7e674b5a2c33c06d443095d43853c87
SSDEEP

192:RAq+vTEB0QODfAhXmm5ZsoHjWk7GYA8FBNjiN5jsNlQUGFTZhNGwNXKcR0vwNAw3:qP7KEfAhXmm5ZsoHjWIGYA8FBNjiN5jp

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  089a69e20ba8e77bd6cbd1ba40f9a8754be2479ee18e0e22af2f502e9c7f07b4.js
- Size
  
  10KB
- MD5
  
  a96dfb5126b998be551e5731d0019049
- SHA1
  
  a85b1edbb0642d4a4062374438b5996547570259
- SHA256
  
  089a69e20ba8e77bd6cbd1ba40f9a8754be2479ee18e0e22af2f502e9c7f07b4
- SHA512
  
  325ffa48bd726409512a6b14f2c95309adbe89b9fa5345a32060f4e53e5eefe000071a7c0de82f6274910108f51c6c86a7e674b5a2c33c06d443095d43853c87
- SSDEEP
  
  192:RAq+vTEB0QODfAhXmm5ZsoHjWk7GYA8FBNjiN5jsNlQUGFTZhNGwNXKcR0vwNAw3:qP7KEfAhXmm5ZsoHjWIGYA8FBNjiN5jp
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution