General
-
Target
#P0081.js
-
Size
12KB
-
Sample
210831-tyb4g5388j
-
MD5
f11cc55481ff89ec58a4deae47fbd05c
-
SHA1
d777ebeae01c1ebe4b5167660d086142ddc8b886
-
SHA256
154a7b5cc9e3c3f3d4721ebe993f88b7594efa3f2b3b1d61a23c8f6fae409f32
-
SHA512
026ad8686b8073c8a3b219309d09b97b7372eec6b24be907897b36064917a2c9a925f25ef063020a9da005fe8048db861130d82bbc5c989fce65cd4aecfd9412
Static task
static1
Behavioral task
behavioral1
Sample
#P0081.js
Resource
win7v20210410
Behavioral task
behavioral2
Sample
#P0081.js
Resource
win10v20210408
Malware Config
Targets
-
-
Target
#P0081.js
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-