General
-
Target
sample.js
-
Size
910KB
-
Sample
210421-hdy34hn7e2
-
MD5
883fa46edf3dfc3d4160faa2704c828e
-
SHA1
27163d08ca6d045bd9a377cf6e7908c48f986caa
-
SHA256
fc594743679135ba55d13ef203c1a4110ec80cf207f01af9dfdf287fc83321e8
-
SHA512
dd5627aa87a517e82c74a7a189e2f4ba00715fd4f09d2888323317d098b7b78a615936f3e236e4f4308ea2ee1d0fd245755a61bb6830e9f58ac539bff6865d09
Static task
static1
Behavioral task
behavioral1
Sample
sample.js
Resource
win7v20210410
Behavioral task
behavioral2
Sample
sample.js
Resource
win10v20210410
Malware Config
Targets
Target
sample.js
-
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-