824d2e6f2f591a1698d5a6628d8e48393c730fc422b73c020ec1ab99ec982246 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

824d2e6f2f591a1698d5a6628d8e48393c730fc422b73c020ec1ab99ec982246.js
Size

11KB
Sample

240821-rrmelswhkp
MD5

63de0324d75699446084fe2b46c988f9
SHA1

029b0006f3891a4b9fbe2b03a220de1879712574
SHA256

824d2e6f2f591a1698d5a6628d8e48393c730fc422b73c020ec1ab99ec982246
SHA512

569531e895ecd9db714f737a1cfac89eb594338539dd7e45644ac1ad70f9bb5f5b7f98b24ec75c9a2db2c90a0f8110b3936e41a9508ceb9e7e15291087f37ef1
SSDEEP

96:Dhv8xlFOZCS3yoNOsUA63QLKaTbOa+M7iLDMWFgK0qk2+MqIgiLBtfWEw:D+NO8Shg1IbbOPMMgKZk2zgMts

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  824d2e6f2f591a1698d5a6628d8e48393c730fc422b73c020ec1ab99ec982246.js
- Size
  
  11KB
- MD5
  
  63de0324d75699446084fe2b46c988f9
- SHA1
  
  029b0006f3891a4b9fbe2b03a220de1879712574
- SHA256
  
  824d2e6f2f591a1698d5a6628d8e48393c730fc422b73c020ec1ab99ec982246
- SHA512
  
  569531e895ecd9db714f737a1cfac89eb594338539dd7e45644ac1ad70f9bb5f5b7f98b24ec75c9a2db2c90a0f8110b3936e41a9508ceb9e7e15291087f37ef1
- SSDEEP
  
  96:Dhv8xlFOZCS3yoNOsUA63QLKaTbOa+M7iLDMWFgK0qk2+MqIgiLBtfWEw:D+NO8Shg1IbbOPMMgKZk2zgMts
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution