General
Target: temp.js
Size: 81KB
Sample: 211013-vv2v9aeedp
MD5: cef5ae43fcc340029300954a60931ca5
SHA1: f7f67f70c25c1a7d59ed79e896ef47b0efa83d86
SHA256: c05fa4aabfad177a35fb044dfbe9354a91a7e06ccba7e9b1aa349a7b11f3c6ab
SHA512: 4e8a0fe5a850ec7db3cc1e30f609e02a7934eba6e0e2978d304d32573606a75565b0ab7bc7d3f3979b9eeb70ce380f9d1d1f17cb80564c2ed786efbe03ec8804
Static task: static1
Behavioral task: behavioral1
Sample: temp.js
Resource: win7v20210408
Behavioral task: behavioral2
Sample: temp.js
Resource: win10-en-20210920
Malware Config
Extracted
vjw0rm
http://7700js.duckdns.org:7700
Targets
Target: temp.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application