dd9400ebe3cf1b6d2176907213081dc99a3508097bf14212d881e1a4188155f0 | Triage

Sharing

General

Target

Bypass All Shortlinks.user.js
Size

150KB
Sample

240919-hk1h8awcrr
MD5

9e39b8897851f593bff6679120028059
SHA1

190f0eafd1c87d47bd849010772e2d8fc66db4bb
SHA256

dd9400ebe3cf1b6d2176907213081dc99a3508097bf14212d881e1a4188155f0
SHA512

2e37a91d2915f6773305beb8a61336ae36503a64bf8215bb349578eebff2c616511f3520037367f24cb38add7af2db874890396caf246321536f93c193abf85a
SSDEEP

3072:Jvm9wFFN3en/RBod0be+PgylDCJOZcgsw:Jm9wFFNOn/RBoun3lDMi

Score

6^/10

discovery execution

Malware Config

Targets

- Target
  
  Bypass All Shortlinks.user.js
- Size
  
  150KB
- MD5
  
  9e39b8897851f593bff6679120028059
- SHA1
  
  190f0eafd1c87d47bd849010772e2d8fc66db4bb
- SHA256
  
  dd9400ebe3cf1b6d2176907213081dc99a3508097bf14212d881e1a4188155f0
- SHA512
  
  2e37a91d2915f6773305beb8a61336ae36503a64bf8215bb349578eebff2c616511f3520037367f24cb38add7af2db874890396caf246321536f93c193abf85a
- SSDEEP
  
  3072:Jvm9wFFN3en/RBod0be+PgylDCJOZcgsw:Jm9wFFNOn/RBoun3lDMi
Score

6^/10

discovery execution
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2