d434f3637402e7c475e854df43fb555bbbe8f3b572d380a6beeb0d8bdf7d74f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d434f3637402e7c475e854df43fb555bbbe8f3b572d380a6beeb0d8bdf7d74f0.js
Size

9KB
Sample

240821-tpphas1hnk
MD5

8fcae57508608901c318481011eb2bbf
SHA1

278c77f2dc0638c28ae366f9543ff62cff3108ad
SHA256

d434f3637402e7c475e854df43fb555bbbe8f3b572d380a6beeb0d8bdf7d74f0
SHA512

a74d680777cbd55393eafc68fed86d3736c9943f02489fdde6b39f6e8d6b17372498973e9677c75c32c83df4cbffc5be726c7b4fadd6012af3fea14ac0dae8fc
SSDEEP

96:YQZvT+eL4aCAgLURS1McTgeC3Y5KVcCP7FCpG0Szn8ongfgM:xZDMygLUaT3C3UUP7Ae5gfgM

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  d434f3637402e7c475e854df43fb555bbbe8f3b572d380a6beeb0d8bdf7d74f0.js
- Size
  
  9KB
- MD5
  
  8fcae57508608901c318481011eb2bbf
- SHA1
  
  278c77f2dc0638c28ae366f9543ff62cff3108ad
- SHA256
  
  d434f3637402e7c475e854df43fb555bbbe8f3b572d380a6beeb0d8bdf7d74f0
- SHA512
  
  a74d680777cbd55393eafc68fed86d3736c9943f02489fdde6b39f6e8d6b17372498973e9677c75c32c83df4cbffc5be726c7b4fadd6012af3fea14ac0dae8fc
- SSDEEP
  
  96:YQZvT+eL4aCAgLURS1McTgeC3Y5KVcCP7FCpG0Szn8ongfgM:xZDMygLUaT3C3UUP7Ae5gfgM
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution