General
-
Target
A8C6V54AM1J3.js
-
Size
81KB
-
Sample
211023-gde39sdahj
-
MD5
8e360cfe10e8ce9eeea8077ecb1f6631
-
SHA1
82f92d41950b51ca66c895db586763b65a458d76
-
SHA256
f8e78f1b8cd9486394f92585cef32b870d6f4e18f803c5a740129562510362c3
-
SHA512
4d8b8061855b81c3af3d4a8dce86347fb23ab2ac7febc997ae17d953fbe52e199c20b3aeb8bcc30e6e0be0d52811fa8f7134dffce1202e3e6723c0331806c5c8
Static task
static1
Behavioral task
behavioral1
Sample
A8C6V54AM1J3.js
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
A8C6V54AM1J3.js
Resource
win10-en-20210920
Malware Config
Extracted
vjw0rm
http://6300js.duckdns.org:6300
Targets
-
-
Target
A8C6V54AM1J3.js
-
Size
81KB
-
MD5
8e360cfe10e8ce9eeea8077ecb1f6631
-
SHA1
82f92d41950b51ca66c895db586763b65a458d76
-
SHA256
f8e78f1b8cd9486394f92585cef32b870d6f4e18f803c5a740129562510362c3
-
SHA512
4d8b8061855b81c3af3d4a8dce86347fb23ab2ac7febc997ae17d953fbe52e199c20b3aeb8bcc30e6e0be0d52811fa8f7134dffce1202e3e6723c0331806c5c8
Score10/10-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-