General
Target: eReceipt.js
Size: 15KB
Sample: 211021-a8cs3ahfh7
MD5: 34a9c964dd6fb26993c5c5bc7a947a1b
SHA1: f0e16f5620d6be57fe3acd3bc71b2bbd3847c2d3
SHA256: 3de222c8faa973c5eeaf92c222b505700c626e80a439c3621a1c0c637babdf57
SHA512: 14df72fedcfd19818807bf90bdd5e292fc01bb25d2cc671cd02a8249920b542922be56cc256774f17b85b411955e80fc9294eaf27dfcd36f90743e5e3bfcb1c9
Static task: static1
Behavioral task: behavioral1
Sample: eReceipt.js
Resource: win7-en-20210920
Malware Config
Extracted
vjw0rm
http://loadcash.duckdns.org:7779
http://gameserver-789.duia.ro:6789
Targets
Target: eReceipt.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application