6a68935a5f82acb700750ff0cfbf7f5adfa58ed41c1f1116a75a97c6f1ccd8ae | Triage

Sharing

General

Target

6a68935a5f82acb700750ff0cfbf7f5adfa58ed41c1f1116a75a97c6f1ccd8ae.js
Size

15KB
Sample

240821-rlvtssshlg
MD5

0b9d0b4f37c86a1a8221c84d4d7adda2
SHA1

dc8afb8de658d78239113af41af3f55fbfee990d
SHA256

6a68935a5f82acb700750ff0cfbf7f5adfa58ed41c1f1116a75a97c6f1ccd8ae
SHA512

8600da4e0c7a33de9e31ab2a4c20601d0c42458ba068deb38f5f94de66584acd72df9d1e094846ca273bb5e47734389e47c1f8bb8b9321e6f75fba8caa017ffc
SSDEEP

384:yhjRUTpidkmIOJM9PkLUsho3sXPseXIRbTRGhoVmTsTcsckFl0BcswcsI7jbywrP:yN

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  6a68935a5f82acb700750ff0cfbf7f5adfa58ed41c1f1116a75a97c6f1ccd8ae.js
- Size
  
  15KB
- MD5
  
  0b9d0b4f37c86a1a8221c84d4d7adda2
- SHA1
  
  dc8afb8de658d78239113af41af3f55fbfee990d
- SHA256
  
  6a68935a5f82acb700750ff0cfbf7f5adfa58ed41c1f1116a75a97c6f1ccd8ae
- SHA512
  
  8600da4e0c7a33de9e31ab2a4c20601d0c42458ba068deb38f5f94de66584acd72df9d1e094846ca273bb5e47734389e47c1f8bb8b9321e6f75fba8caa017ffc
- SSDEEP
  
  384:yhjRUTpidkmIOJM9PkLUsho3sXPseXIRbTRGhoVmTsTcsckFl0BcswcsI7jbywrP:yN
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution