General
Target
http://recp.mkt91.net/ctt?m=804040&r=Njg0NjYxMDU1NQS2&b=0&j=NjAwMDczOTg3S0&k=NCLogo&kx=1&kt=12&kd=https://0bhmf.csb.app#scyrus@evolenthealth.com
Sample
210122-gyf84k1sxs
Static task
static1
URLScan task
urlscan1
Sample
http://recp.mkt91.net/ctt?m=804040&r=Njg0NjYxMDU1NQS2&b=0&j=NjAwMDczOTg3S0&k=NCLogo&kx=1&kt=12&kd=https://0bhmf.csb.app#scyrus@evolenthealth.com
Behavioral task
behavioral1
Sample
http://recp.mkt91.net/ctt?m=804040&r=Njg0NjYxMDU1NQS2&b=0&j=NjAwMDczOTg3S0&k=NCLogo&kx=1&kt=12&kd=https://0bhmf.csb.app#scyrus@evolenthealth.com
Resource
win10v20201028
Malware Config
Targets
Target
http://recp.mkt91.net/ctt?m=804040&r=Njg0NjYxMDU1NQS2&b=0&j=NjAwMDczOTg3S0&k=NCLogo&kx=1&kt=12&kd=https://0bhmf.csb.app#scyrus@evolenthealth.com
Score
6/10
JavaScript code in executable
Program crash
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.