3a14e287d9403046806a078d0bf9a411f9e344a10ba17ab3e0bd64c5702816f3 | Triage

Sharing

General

Target

3a14e287d9403046806a078d0bf9a411f9e344a10ba17ab3e0bd64c5702816f3N
Size

184KB
Sample

240919-eqjaca1ajr
MD5

e2e9f0655390aa71e5d0ef7f39cfd7b0
SHA1

d35d2531fd41a8dc6680979dc213de2ce0aae128
SHA256

3a14e287d9403046806a078d0bf9a411f9e344a10ba17ab3e0bd64c5702816f3
SHA512

a4c5f47b03c3f429b4fdff911d34e362bf462ec4cde407d516a40cbc12d5dd5cd916925fa2d6157e388259147ba75661bdfc7b61160b94502f3337bb983fb759
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3I:/7BSH8zUB+nGESaaRvoB7FJNndn9

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  3a14e287d9403046806a078d0bf9a411f9e344a10ba17ab3e0bd64c5702816f3N
- Size
  
  184KB
- MD5
  
  e2e9f0655390aa71e5d0ef7f39cfd7b0
- SHA1
  
  d35d2531fd41a8dc6680979dc213de2ce0aae128
- SHA256
  
  3a14e287d9403046806a078d0bf9a411f9e344a10ba17ab3e0bd64c5702816f3
- SHA512
  
  a4c5f47b03c3f429b4fdff911d34e362bf462ec4cde407d516a40cbc12d5dd5cd916925fa2d6157e388259147ba75661bdfc7b61160b94502f3337bb983fb759
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3I:/7BSH8zUB+nGESaaRvoB7FJNndn9
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution