dc6f76d2b18f3e99b12a984d23764cb2a96652c4de35df8e521178501100a5c8 | Triage

Sharing

General

Target

=?utf-8?q?R_C332175.zip?=.zip
Size

96KB
Sample

241121-phyeeawqan
MD5

bd065c531bd7527f7d56583d8c7e4c7c
SHA1

53c58baa03d90908298f1d8ec4fdc38c783eb4dd
SHA256

dc6f76d2b18f3e99b12a984d23764cb2a96652c4de35df8e521178501100a5c8
SHA512

c1c5222487a782664e7cbcac6f119326c230e115f9710574e1f7847102aac909e56db24ec5d7eae545c77fe55993b480433b2a3f9893a30081d9bc46e0e6b12f
SSDEEP

3072:NdcQNxIgsLjfwRwxwIxgJpz58eqXdEvIfeItEQIdHgJ:NbpsLLwSaPbz5pamsH+AJ

Score

7^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  7858290454868466.js
- Size
  
  657KB
- MD5
  
  be15ae9aeaea57daad4f5add8f34e761
- SHA1
  
  2bb89396ca958fd150739deda653efa0a649dd87
- SHA256
  
  e4a50bc6e27700e1db6abebd5ed70c30d50494afa15fffad3c7501d59c9f652d
- SHA512
  
  e6de08b3b30e9a9d87bc210e87aa4ed37954770332f134d9fa35a496202596642acf3d4c5667605b6eaf941306f800c5622c9475c4aa60d4af22b1fad421dc29
- SSDEEP
  
  6144:gTJeZYu1ddZ+Yih114+NAn1XlIcsnQw/KvZJ6+j/mQEyJ6+j/mb03pX5:PKPNArAfi1
Score

7^/10

defense_evasion execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecution

behavioral2

defense_evasionexecution