99009e3c89f424fd01b517b2b644e587677c1bf42a3791d67ff8ec05e40eaace | Triage

Sharing

General

Target

1688429849263022239.js
Size

720KB
Sample

241121-l3xrts1lgy
MD5

6bb4dffdd348a4c3b1a2c22d6606e9f0
SHA1

f5d7853b07bf571a3ef736552ac9e7af914ec0b3
SHA256

99009e3c89f424fd01b517b2b644e587677c1bf42a3791d67ff8ec05e40eaace
SHA512

0000104cbda57ff9bd5ba38a6676c570f766465ded5a51adbd95753ec9bb78e664d31d92f91d266b8db7cf800262d235a6fd80da44654399db710ed7cb540b2d
SSDEEP

6144:I6G26HDfmyelKpU1lDA40K+SUbXeDA40K+SUbjTFrE1:ZG/TOKpU1+40K+SUbXR40K+SUbjTFrE1

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  1688429849263022239.js
- Size
  
  720KB
- MD5
  
  6bb4dffdd348a4c3b1a2c22d6606e9f0
- SHA1
  
  f5d7853b07bf571a3ef736552ac9e7af914ec0b3
- SHA256
  
  99009e3c89f424fd01b517b2b644e587677c1bf42a3791d67ff8ec05e40eaace
- SHA512
  
  0000104cbda57ff9bd5ba38a6676c570f766465ded5a51adbd95753ec9bb78e664d31d92f91d266b8db7cf800262d235a6fd80da44654399db710ed7cb540b2d
- SSDEEP
  
  6144:I6G26HDfmyelKpU1lDA40K+SUbXeDA40K+SUbjTFrE1:ZG/TOKpU1+40K+SUbXR40K+SUbjTFrE1
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution