74f19ea0e1dd6aff9c8c4238536cf609d5a2293910fd0a826d50ac992f7cbc95 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74f19ea0e1dd6aff9c8c4238536cf609d5a2293910fd0a826d50ac992f7cbc95.js
Size

11KB
Sample

240821-rnt1aatald
MD5

8f803a2f32079757e7e6e6ca4e924a63
SHA1

cff6f7ad5ce23378ac7c2b1d4aa38bb2720b9242
SHA256

74f19ea0e1dd6aff9c8c4238536cf609d5a2293910fd0a826d50ac992f7cbc95
SHA512

8efc0d24498194093be10493eb13c66bc48d57d3f238a1bf42da560c387402519a667aa03567db45d2cc0c13c56ad35775253e2147acba1ff950a196ad7eb22a
SSDEEP

96:Vp8xXrl+kY7HTh7071tM7P+tXTPea7u7Jt0qnv77C7J+NGZNrAqFY:VS9Qpj1gQLa6aK9tfvS1+g5Y

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  74f19ea0e1dd6aff9c8c4238536cf609d5a2293910fd0a826d50ac992f7cbc95.js
- Size
  
  11KB
- MD5
  
  8f803a2f32079757e7e6e6ca4e924a63
- SHA1
  
  cff6f7ad5ce23378ac7c2b1d4aa38bb2720b9242
- SHA256
  
  74f19ea0e1dd6aff9c8c4238536cf609d5a2293910fd0a826d50ac992f7cbc95
- SHA512
  
  8efc0d24498194093be10493eb13c66bc48d57d3f238a1bf42da560c387402519a667aa03567db45d2cc0c13c56ad35775253e2147acba1ff950a196ad7eb22a
- SSDEEP
  
  96:Vp8xXrl+kY7HTh7071tM7P+tXTPea7u7Jt0qnv77C7J+NGZNrAqFY:VS9Qpj1gQLa6aK9tfvS1+g5Y
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution