9c2300ec029da1b38067381dafd00825f6fb79e7784f6294cb9e4784885390db | Triage

Sharing

General

Target

12341169452550421723.js
Size

591KB
Sample

241121-mat1xa1mez
MD5

54e1f935bdf998612d9c9ea05fc365af
SHA1

c96895a4ebdfa9c7c9299c818696eae54c13155b
SHA256

9c2300ec029da1b38067381dafd00825f6fb79e7784f6294cb9e4784885390db
SHA512

5b590b8724f15edb3646b9195856fab57ee8a5fbe6b86caa463eb3b1ef3c273dc651ce8426a1d33968fbf613a7744472d9b79c004e9ae010e2bbd1a8fbaf37bb
SSDEEP

6144:4ivjtVk0GABrLGUjy4kvwHkL1rLGUjy4kvwRDwGzyPYjDlL:4qXl16UO4816UO4ZMY2Yfl

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  12341169452550421723.js
- Size
  
  591KB
- MD5
  
  54e1f935bdf998612d9c9ea05fc365af
- SHA1
  
  c96895a4ebdfa9c7c9299c818696eae54c13155b
- SHA256
  
  9c2300ec029da1b38067381dafd00825f6fb79e7784f6294cb9e4784885390db
- SHA512
  
  5b590b8724f15edb3646b9195856fab57ee8a5fbe6b86caa463eb3b1ef3c273dc651ce8426a1d33968fbf613a7744472d9b79c004e9ae010e2bbd1a8fbaf37bb
- SSDEEP
  
  6144:4ivjtVk0GABrLGUjy4kvwHkL1rLGUjy4kvwRDwGzyPYjDlL:4qXl16UO4816UO4ZMY2Yfl
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution