SUSP_JS_OBFUSC_Unknown_Feb23_1

Rule Info

Tags
['SUSP', 'T1027', 'OBFUS']
Description
Detects unknown JavaScript obfuscator noticed in February 2023
Required Modules
[]
Date
2023-02-21
Score
75
Author
Florian Roth
Name
SUSP_JS_OBFUSC_Unknown_Feb23_1
Rule Hash
7dd427759ff6dd74ec37f5039cf26def
Reference
https://twitter.com/malwrhunterteam/status/1627751337252249600
Minimum Yara
1.7
Virustotal Matches
https://www.virustotal.com/gui/search/susp_js_obfusc_unknown_feb23_1/comments

Antivirus Verdicts

Rating
Number of Samples
Malicious (>= 10 engines)
2
Suspicious (< 10 engines)
23
Clean (0 engines)
4

Rule Matches

Total
Positives
Timestamp
Hash
VT
59
0
2023-03-24 06:30:55
0cb828419d072fc9ab1aa13062024a62024f87b7b6d7612c9f158542b8ed4e33
55
0
2023-03-20 11:12:15
044239aa38c502407fb10f78b1b553a8f0343f86c299e3fed69b329967448020
58
0
2023-03-15 02:49:57
2e8df79b8abee1da152c912502d77394ae96a96d23d125919a9f0c9608c00267
59
0
2023-03-14 21:24:09
9621c823db7cc2a7fdbb0cd5ec65b89b1aac89d78416c962f3f8e8300ced9ae3
69
37
2023-03-11 11:43:31
031eebdc25543ac6bcfe9c0b8a769d0295344947eeb9a9bc4feb4596d1fb59ea
59
7
2023-03-11 05:20:03
aebc3ba8782c248b1c827db01abe5c68982c04dd85e54318f811b8cf12a5483b
59
5
2023-03-07 23:14:38
29bd67ada6be4fe31940b67729f494cff43d8140ace5b1f66ed424b88acf2593
59
1
2023-03-06 21:07:37
6eb30ad75c892cfda179b228313c8af05a04f1f6cf7905004ced7327e854aaf8
58
1
2023-03-06 20:21:52
b0a7b2425d4188599e2036e315fa221f71e17503c65975680af5f5df7e5ee760
59
1
2023-03-06 20:20:41
0631290310bc0f20d918652d6aab92b55ca35c40899d292a085e7c60b3d9acfc
59
1
2023-03-06 20:20:41
dada21b9c90fa02373201426ae92961a2bb744e27a4ac789d25af9ad64025fa7
59
1
2023-03-06 20:11:38
56506f1430c88f4ddf026b54369f42ebfac40c2e114fe21a19f81d648f2a05de
59
1
2023-03-06 20:07:10
9191e6d131aa04c5bf8e917577c4aecd5dfc369eefb10a5b7414061544d098cf
59
1
2023-03-06 20:07:10
fb9ee5a06b4399375637923c41ee57ece61d6ff7046e2178eb5ebc0b74cac1b4
59
1
2023-03-06 20:07:10
a29750d563536f6785998f95ed5bb281bb047c6039e6053748b9eaa4070822c3
59
1
2023-03-06 20:07:10
90848cbfeadbbeaf88c40a9eb6cc498ed99082696e157111cd8186188636f0d6
59
1
2023-03-06 19:23:19
fa0329f4b3442c6403ac31490a697ea2693d44841845cbd9a427ff95155df86a
59
1
2023-03-06 19:07:06
d87467105bbd661b05f0b85c5436ad733bcac3de409a1cabeeffbcc5c4c063fa
59
1
2023-03-06 19:07:06
acb42fa422d745b04160a650a2257cd8a0dd7dee2970754c88d738490979afa0
59
1
2023-03-06 19:07:06
9d8329a85fb0aca578ad21c4c5bdeb5b960df15f7ca8249bcf811af3addd61ea
59
1
2023-03-06 19:07:06
830deb024d4baf089cd3c75aae807d0dfbaea1db6de5f3206210bcec890e57c2
59
1
2023-03-06 19:07:06
51712e4c053462dee0b6e931020619f52e0ae9e4942ffa0e0ad035f1b9321a2c
59
1
2023-03-06 19:07:06
4c17d1086faea29e9302068fadbbcdd937e69ed047b2e16c47abb9df1297104a
59
1
2023-03-06 18:15:07
a71e636b72381ad9d0cd504100a20fe6d4938b6c5702061a44f039c2688fa615
59
1
2023-03-06 18:10:51
85d8a235314c371d4891baeb0d05116854dabda2aa562a93e51aa22914c2487f
57
1
2023-03-02 19:53:18
fd82aabebd4b206d46ba0d6f3cbdcb9ea620086dba75851c03fd618a3c96b439
59
4
2023-02-28 17:02:32
c1dd38cb1c1b2184e516bad3ee586eec0ddd37c7c49ce937a63b3c9673612d2d
59
1
2023-02-27 19:22:45
b3051daf1bb20dfa1cbc49a1da48ad341ed3a3ccb86fa8ba5a264c4e98cdc0e0
59
18
2023-02-27 09:14:23
017f7fb81dad9de4238b0dc6e59989eda959d8626df7451e8afe1ece3892621d

Rule Matches per Month (last 24 months)

THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022