970c046dd9a348a33d6933398208142ff251ee8110bec0a4cbc9f8b59412ebd6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

970c046dd9a348a33d6933398208142ff251ee8110bec0a4cbc9f8b59412ebd6.js
Size

12KB
Sample

240821-tbkl7a1bnj
MD5

7f62f58ae805f06289929c99ed3cd748
SHA1

601ce7c59934156ec848bf2c7db8019f2b116c94
SHA256

970c046dd9a348a33d6933398208142ff251ee8110bec0a4cbc9f8b59412ebd6
SHA512

59324e89d9d304326dc9177943c50ddd45493fd70458ced2bddd97573c262ebfd02c9d0486b66b300064573d40421f772a379347d632248e1c2b624279d5aa53
SSDEEP

96:2Qkm0WAQ8MdtVwK6JFdxMjOAqgEBtiUJgRbgqANb1bvDhaGZSoc6bgqANb1bvDhh:gim6F6Bx5Pg3AbLPZpAbLg/Ho

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  970c046dd9a348a33d6933398208142ff251ee8110bec0a4cbc9f8b59412ebd6.js
- Size
  
  12KB
- MD5
  
  7f62f58ae805f06289929c99ed3cd748
- SHA1
  
  601ce7c59934156ec848bf2c7db8019f2b116c94
- SHA256
  
  970c046dd9a348a33d6933398208142ff251ee8110bec0a4cbc9f8b59412ebd6
- SHA512
  
  59324e89d9d304326dc9177943c50ddd45493fd70458ced2bddd97573c262ebfd02c9d0486b66b300064573d40421f772a379347d632248e1c2b624279d5aa53
- SSDEEP
  
  96:2Qkm0WAQ8MdtVwK6JFdxMjOAqgEBtiUJgRbgqANb1bvDhaGZSoc6bgqANb1bvDhh:gim6F6Bx5Pg3AbLPZpAbLg/Ho
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution