General

  • Target

    19092024_0646_original shipping documents.js.zip

  • Size

    8KB

  • Sample

    240919-hjlzfawakh

  • MD5

    309c8cf8eb08a7b12d36e632c91f12ec

  • SHA1

    0a2603fb58eca206a8a227d9f5feaf10b41de9d6

  • SHA256

    aa6f3167bcd3cceedf53810713999c649b0e8d52beeb4e30804813d54dd2e59d

  • SHA512

    ae95cccc91f245cef53d21d60eb4be21dad4790ecc236cc1549c422b1df6cf4e6b2b01eb112adff209acd2d56bd563bba29fa464a34384bee1b91bd8246f8945

  • SSDEEP

    192:cq1L4usU6GJY3FAZfIKJy53oDNmJCxGYAqQcEv9:cq1UKJYV0JlDEJNpqQ9l

Score
8/10

Targets

    • Target

      original shipping documents.js

    • Size

      30KB

    • MD5

      c34e2fe548e947a64ac894a457bb598a

    • SHA1

      01408b7989f7b88220129c599c7a58a389b35cb2

    • SHA256

      bef77bb820ab4134ef575f8c68b0c0e75c124990790309cf6782928aaeba9d9c

    • SHA512

      cd37464c37db0082453b9c17df0b331e9d91105fd7c014010966bd423d496c127baa67cb46f8b939c67c1d5540ad7ef0cc35a738957cfb33020da1a99255898e

    • SSDEEP

      768:OJWm9aFqK2Y4WaQ4Vg4vf4bQuvAsBvPqMGzk6Q:O3mkk6Q

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory
