General
Target: readme.js
Size: 10KB
Sample: 210113-glj5eaddex
MD5: db49b6f1f379122685be9553c5cc0f37
SHA1: 45788a5c0c0d97d9bed9c0e6115eca1edbad8ba6
SHA256: d8b5eaae03098bead91ff620656b9cfc569e5ac1befd0f55aee4cdb39e832b09
SHA512: 1eae9f302d90b3a1887b9f74927bf9bfac0519ae0f4019497177eca3ac2086ed71b4296193bcf62ba493d7fe2e4d57f42ded79ed5e8789abca206a2185ebab23
Static task: static1
Behavioral task: behavioral1
Sample: readme.js
Resource: win7v20201028
Behavioral task: behavioral2
Sample: readme.js
Resource: win10v20201028
Malware Config
Extracted: http://t.zz3r0.com
Extracted: http://t.zer9g.com
Extracted: http://t.bb3u9.com
Targets
Target: readme.js
Score: 10/10
Blocklisted process makes network request
Executes dropped EXE
Modifies Windows Firewall
Stops running service(s)
Loads dropped DLL
Drops file in System32 directory