67295604fb9a0bb79200b9fabfc66eb8e516339686e975a5287644bb21eda8f8 | Triage

Sharing

General

Target

1485223624968714276.js
Size

549KB
Sample

241121-mt89yawkel
MD5

f6e0d4cbfbf4769f1de51ec2be2eef61
SHA1

3a967242ebbae2ddca1694a307b8307b43bafda8
SHA256

67295604fb9a0bb79200b9fabfc66eb8e516339686e975a5287644bb21eda8f8
SHA512

5a57a71f7577714c33987d6e88ff697f17f51fa2359825f89d820a389a19232b81ec2c8e554500c1e56bc5a2c80d313081a733c90f681b9b3b8a54a11f56487a
SSDEEP

3072:qtNeOR4IwX/gei6LbMycM0uXOQgkmZKPk9x3NHYBkBAi5kK7fkJYLMcHYpNnNQMG:qtNeORCgeVb6pga7cORq7cORTORm+

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  1485223624968714276.js
- Size
  
  549KB
- MD5
  
  f6e0d4cbfbf4769f1de51ec2be2eef61
- SHA1
  
  3a967242ebbae2ddca1694a307b8307b43bafda8
- SHA256
  
  67295604fb9a0bb79200b9fabfc66eb8e516339686e975a5287644bb21eda8f8
- SHA512
  
  5a57a71f7577714c33987d6e88ff697f17f51fa2359825f89d820a389a19232b81ec2c8e554500c1e56bc5a2c80d313081a733c90f681b9b3b8a54a11f56487a
- SSDEEP
  
  3072:qtNeOR4IwX/gei6LbMycM0uXOQgkmZKPk9x3NHYBkBAi5kK7fkJYLMcHYpNnNQMG:qtNeORCgeVb6pga7cORq7cORTORm+
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution