Resubmissions

09/11/2024, 19:05

241109-xrzmtszfpf 6

General

  • Target

    index.js

  • Size

    14KB

  • Sample

    241109-xrzmtszfpf

  • MD5

    f82cb93481f502bb878ea3f0c063539a

  • SHA1

    4bbc67b8bc5d27bf37d06cc2d59ea50618b1a98b

  • SHA256

    73360850e31eae85db70a1a0d281ae4751e01f82b096274ac015d8b280b06a2c

  • SHA512

    816ff2191fd13c958b365cdbabb112c85969c46df9743d7e54d9e03b998b91086d32672d090a25315c0ae911962104d8f3a3a5aa6ebcb4f7e249a80ff16565b8

  • SSDEEP

    192:yMwzGuEK1K3KzwoKywLA1rwfuRxw1gRXKBzyt140z8er04UWyiQfNs7oaT/D/i8b:yMwzGUvVnMW7nT7/i8JoUl

Targets

    • Target

      index.js

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
