General
Target: extracted.js
Size: 18KB
Sample: 210901-efrk2f188x
MD5: 1d9327d69fd263ac645b6a4eef31cb24
SHA1: 3cff6c8d464e8c254048635dd68e31225ffcb6e4
SHA256: b302998fc5e3ff4a61d22f5c35ea5e168e040d10bc8437cf8c190bfc27e63dd0
SHA512: 50cf6ff55a3f73803b4b1313c029e08e66e62ff6de1fd839fec21aecc09d30254616a3b8aab271828a7a69f4835d155ee4af53bb3c4daaa3b4a1cb2305409e2f
Static task: static1
Behavioral task: behavioral1 (Sample: extracted.js, Resource: win7v20210410)
Behavioral task: behavioral2 (Sample: extracted.js, Resource: win10v20210408)
Malware Config
Targets
Target: extracted.js
Score: 10/10
Blocklisted process makes network request
Executes dropped EXE
Drops startup file
Adds Run key to start application
Looks up external IP address via web service
    Uses a legitimate IP lookup service to find the infected system's external IP.