General
Target: H7C5A4CM38A.js
Size: 82KB
Sample: 211018-yft4msfeap
MD5: 16fd0d1a92c42595ec8f23280b4fad7e
SHA1: 1bd1e26a23a877c7f7c3e7afe6ffc877562ca83d
SHA256: 8e019a20811f084e9fc63ef36a746b051e9b27292292110917f66f5f98e5cc20
SHA512: b35ecf9551087a0de00fd47677a2a3ff0b846f62d2a24ae013287597fe4d7591beea44ee4f468acccaf325529f5169d0594187e3d1b2ff02f9e8992ab89a42b0
Static task: static1
Behavioral task: behavioral1
Sample: H7C5A4CM38A.js
Resource: win7-en-20210920
Behavioral task: behavioral2
Sample: H7C5A4CM38A.js
Resource: win10-en-20211014
Malware Config
Extracted
vjw0rm
http://5800js.duckdns.org:5800
Targets
Target: H7C5A4CM38A.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application