mintsloader | aec2646ebe29ad68516daec6f9cc1899e6a7a6278d72ce6a1c5c6ebe8158bac1 | Triage

Sharing

General

Target

aec2646ebe29ad68516daec6f9cc1899e6a7a6278d72ce6a1c5c6ebe8158bac1.js
Size

595KB
Sample

250303-rmy8lsznz9
MD5

e11e833bd0845410c1fd9e1e36159f35
SHA1

dd3973964cbabf55907780345f52570b6738d912
SHA256

aec2646ebe29ad68516daec6f9cc1899e6a7a6278d72ce6a1c5c6ebe8158bac1
SHA512

a3d3458ec3540bbbdc3f71ef8fc791cbcad92edb996e0eddf56d5b34459b85f753ae757919d9b21ccd5005d61ef05e601a4b9bf1bf204dcc971c6f27efa22e7a
SSDEEP

1536:ay99U99cssqg09Cqg099sqg09Nsqg09Qsq1sqg09V09esqg09Ysqg09Lsqqsqg07:YG

Score

10^/10

mintsloader execution loader

Malware Config

Targets

- Target
  
  aec2646ebe29ad68516daec6f9cc1899e6a7a6278d72ce6a1c5c6ebe8158bac1.js
- Size
  
  595KB
- MD5
  
  e11e833bd0845410c1fd9e1e36159f35
- SHA1
  
  dd3973964cbabf55907780345f52570b6738d912
- SHA256
  
  aec2646ebe29ad68516daec6f9cc1899e6a7a6278d72ce6a1c5c6ebe8158bac1
- SHA512
  
  a3d3458ec3540bbbdc3f71ef8fc791cbcad92edb996e0eddf56d5b34459b85f753ae757919d9b21ccd5005d61ef05e601a4b9bf1bf204dcc971c6f27efa22e7a
- SSDEEP
  
  1536:ay99U99cssqg09Cqg099sqg09Nsqg09Qsq1sqg09V09esqg09Ysqg09Lsqqsqg07:YG
Score

10^/10

execution mintsloader loader
- MintsLoader
  MintsLoader is a multi-stage malware loader.
  loader mintsloader
- Mintsloader family
  mintsloader
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

mintsloaderexecutionloader

	
		OSZAR »