General
Target: PaymentDetails#765.js
Size: 240KB
Sample: 210113-jwh4lbegb2
MD5: 74bccd5892c45290559b623d0f9f628f
SHA1: 4b2d9066f1542453af9f37bc421684e7a6eec255
SHA256: 3ac7b7be256ed723792c50d44eb38da6207993463f7e7a5b1c3788ada0567d2e
SHA512: 2ab01e3d379194e4d7f86ce2d973e827ccbe0f680d023ba2bbbe4b70cb06268ca5a9a50166616ca99822d84e9fb244976f758e00e56f48c45d1931f8267384c2
Static task: static1
Behavioral task: behavioral1
Sample: PaymentDetails#765.js
Resource: win7v20201028
Behavioral task: behavioral2
Sample: PaymentDetails#765.js
Resource: win10v20201028
Malware Config
Targets
Target: PaymentDetails#765.js
Score: 8/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.