ec36a58d2c606d1a11bd33be885873b7fd655d0fa0f157ac26e0c9b84ba82075 | Triage

Sharing

General

Target

Document.js
Size

398KB
Sample

241023-vfrrqs1apc
MD5

0f0fee1596c63af8028223a76c52d7c9
SHA1

76d1c27a66bc108fc2dd8d54d53d37dd627a142d
SHA256

ec36a58d2c606d1a11bd33be885873b7fd655d0fa0f157ac26e0c9b84ba82075
SHA512

742ac969ed0d7f047a3a006468162f5a7d313ea831506a3a5a54e2f47588057dddde7165c0ca8b9b46edeee1a63ce28e23ce962e6aa21757db270178ab8843fb
SSDEEP

6144:MOAtECbWK27qMwU16+whfYFp96kra1h3B2lH5XOEAnK3FtjIV2qRQcKHjQi:M9BWK7+whfAMJTR2vXejR4HUi

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  Document.js
- Size
  
  398KB
- MD5
  
  0f0fee1596c63af8028223a76c52d7c9
- SHA1
  
  76d1c27a66bc108fc2dd8d54d53d37dd627a142d
- SHA256
  
  ec36a58d2c606d1a11bd33be885873b7fd655d0fa0f157ac26e0c9b84ba82075
- SHA512
  
  742ac969ed0d7f047a3a006468162f5a7d313ea831506a3a5a54e2f47588057dddde7165c0ca8b9b46edeee1a63ce28e23ce962e6aa21757db270178ab8843fb
- SSDEEP
  
  6144:MOAtECbWK27qMwU16+whfYFp96kra1h3B2lH5XOEAnK3FtjIV2qRQcKHjQi:M9BWK7+whfAMJTR2vXejR4HUi
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution