2b0dceaab721011f83049bc1409718ea526025e80a78ba8c42cf08b6a3d5f5ba | Triage

Sharing

General

Target

21112024_0628_313026480196628751.js.zip
Size

93KB
Sample

241121-g8d5fstpan
MD5

744bd2e241fb197c46f3bf452267841a
SHA1

df79277c52888b0c6716f3cfde5546b7df10b50f
SHA256

2b0dceaab721011f83049bc1409718ea526025e80a78ba8c42cf08b6a3d5f5ba
SHA512

237089a76fc62f6b4b95725daa0a7b1796b1d6f5dc1604bd7f09849d039fb3fe520c8445f7677f77a2f8b9931e2095a2e8ecf0b7754c69df26ac8d522367ddff
SSDEEP

1536:ErwA31Z42Db2VFdaRNdTAK6r7Jqbi69vFJrSlz+ME90a9PzOXsrvwGo2jL5JnyCk:ErldDb1NZGIu69vFlSlz+ZF9r0srYwJm

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  313026480196628751.js
- Size
  
  644KB
- MD5
  
  b50e9b98bc8f5f26bb1b181896a72a56
- SHA1
  
  5b714574e80fe99affccc01b3d4b211c8cf03d76
- SHA256
  
  0a9d8d9d025a2a74d55d681b50013f8a593eeba62609af8813af7f1943479e32
- SHA512
  
  3f4ad760e17faaa05716c9c8d856a2ad29c54274502843fe6ad6fa3b46406c73f61a8df915b80bd558afdf4ed8cd5da30ec4155f1cdcfe4611aaf2c38e5b5d58
- SSDEEP
  
  12288:4LLtzTjlkt/v7//BlkT8Fz7//BlkT6ltdQjm:4LLtGt/v7//BlkT8Fz7//BlkT6ltdQjm
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution