General
-
Target
G62J15CB97C53V.js
-
Size
81KB
-
Sample
211014-sltgeahhh3
-
MD5
c5b048b21730de23dabcc6758914a2f7
-
SHA1
e9d5f9bee531aff20d8c8f64b70e51861b9f6b81
-
SHA256
6566e970bb140ac6ecdc59a11319c7a0650dbae2c182157e7f51b9bb8502c34e
-
SHA512
a83d03ce24643e91f40ecaeddefbc55fa2720df6e75f7422e8470caf8e3199b8d8c7783e0665a6d176ea44e1d4f7b6d415e903d7bc25fd2cab3ae4e347005975
Static task
static1
Behavioral task
behavioral1
Sample
G62J15CB97C53V.js
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
G62J15CB97C53V.js
Resource
win10-en-20210920
Malware Config
Extracted
vjw0rm
http://6800js.duckdns.org:6800
Targets
Target
G62J15CB97C53V.js
Score
10/10
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-