0f935aeea51200461236a8225942a5311cc4f84b42828852dafeaca6a60e7dd3 | Triage

Sharing

General

Target

Rechnung_20240314.gbf.zip
Size

104KB
Sample

241121-phx4msskdz
MD5

112f0da1906409b8de883ae320d3dd28
SHA1

deb429f555bc77873f06a7aec5b48222d217c348
SHA256

0f935aeea51200461236a8225942a5311cc4f84b42828852dafeaca6a60e7dd3
SHA512

479e3b13966337c341af14aeaca2618b1885b5f6e61cd834fda23dd55c1e9fbb156f4996c0bdc909bd1f684ebdb6932cc9d0822d8468ab8b040b1a858bf21e78
SSDEEP

3072:bkFq2PpT+U+3JuschPuw12Ac4PaECKPvNSyX8c1SRlWwv6N0ir1g:wqMpTX+07ZcaaECKPFlsc18Duq

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  1688429849263022239.js
- Size
  
  720KB
- MD5
  
  6bb4dffdd348a4c3b1a2c22d6606e9f0
- SHA1
  
  f5d7853b07bf571a3ef736552ac9e7af914ec0b3
- SHA256
  
  99009e3c89f424fd01b517b2b644e587677c1bf42a3791d67ff8ec05e40eaace
- SHA512
  
  0000104cbda57ff9bd5ba38a6676c570f766465ded5a51adbd95753ec9bb78e664d31d92f91d266b8db7cf800262d235a6fd80da44654399db710ed7cb540b2d
- SSDEEP
  
  6144:I6G26HDfmyelKpU1lDA40K+SUbXeDA40K+SUbjTFrE1:ZG/TOKpU1+40K+SUbXR40K+SUbjTFrE1
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution