5b8af37aafd35cf1e026768d1625a6f5f528959de5ace13cd9faa1434294b563 | Triage

Sharing

General

Target

19112024_1324_18112024_R C332175.zip
Size

169KB
Sample

241119-qnkk6swfjb
MD5

0ff8f57f26d59d950a303115500ff21f
SHA1

5e48b960acc2aaab400370da78391073d2cb2d1b
SHA256

5b8af37aafd35cf1e026768d1625a6f5f528959de5ace13cd9faa1434294b563
SHA512

76220f8cb4af92fe4dc2ea9a3b52d7daa5f0bcea5c698966809c8594a6ec1cbd52a00353407af6d9715f2b6302eb982402ddd09e9b58b316ac8f08bc1678e55a
SSDEEP

3072:A0KRkmKod4VqWNSBIeyFFEzifOBV+n1ybvQmIbypsaJcB2fB9on/5LFKM9gS0s/q:Ankmm1eAHkV+nuQmz+yR9Y/1Fx9R/q

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  12019287241781727363.js
- Size
  
  1.1MB
- MD5
  
  2d8daaab7f1877b90b54a72f02fcbb62
- SHA1
  
  fec2f8c16e1c37caa2de7d78db32299b117d840f
- SHA256
  
  6b7412a368ab6fbd208fae24fc58bf06137571fb5c6e46d25bdeac9aef290b5d
- SHA512
  
  cc0cc3e05612f2f539d2923cd648b77dc02f9c218dc1cd37efab385bcdbfb69818f5e2ddb36ea60189aa41a7a4388cc48574e1c5b94fbcf0a914263a102d6566
- SSDEEP
  
  6144:z9lAis7tJlhABYtqA0vV62uMALM/nALM/ai9Ukcp8V:RlGlhe0qA0vINMbnbDMp8V
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution