General
Target: TOO89_Payment_Invoice.js
Size: 12KB
Sample: 211018-yepsjaeed4
MD5: 3e7dd715a15046585cb8034a1fa847b3
SHA1: 4cbe1b633a7859821c0b7082385407cb140a0ba5
SHA256: 5518f5e20b27a4b10ebc7abce37c733ab532354b5db6aed7edf19c25caba2ff3
SHA512: 42777bf0328fe9844aa93e8394f11aba8d02d6bbc77980da2c22bb5b9f9a646763ed4506976dfbf3d2476ca63fbc0845bb5be64c3a6c745daffdd7f7d85f960a
Static task: static1
Behavioral task: behavioral1
Sample: TOO89_Payment_Invoice.js
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: TOO89_Payment_Invoice.js
Resource: win10-en-20210920
Malware Config
Extracted
vjw0rm
http://btime1624.duckdns.org:7923
Targets
Target: TOO89_Payment_Invoice.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application