General
-
Target
PO MFG ORDER W124494 - 2021-10-18 0009.js
-
Size
45KB
-
Sample
211019-kfa4wafdg6
-
MD5
225bff43c2aa2095bbc11f358628e2a1
-
SHA1
81645b5fa0518200da4b145cb3428e702cb76244
-
SHA256
1555172a8ed40bc21eb2136625a097d1d4c7c376a71ee89d657d070ec513c4be
-
SHA512
af5185929580578438032672b418148391b280180cd7b3e1c35435b485809519a67592d0fe99316f8b7253f9bb1536230036ae21c92c635316417278be4c5cd1
Static task
static1
Behavioral task
behavioral1
Sample
PO MFG ORDER W124494 - 2021-10-18 0009.js
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
PO MFG ORDER W124494 - 2021-10-18 0009.js
Resource
win10-en-20211014
Malware Config
Extracted
wshrat
http://fax-joh.dyn-ip24.de:20224
Targets
-
Target
PO MFG ORDER W124494 - 2021-10-18 0009.js
-
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-