General
-
Target
g1m3_Payment_receipt.js
-
Size
81KB
-
Sample
211026-s77k6ahhb6
-
MD5
227c97971e3a533da777df3558817c33
-
SHA1
20e0339535e0c0ca20830a7929dd85c0648c5c11
-
SHA256
986a95a00339276c26cb9a6ed50fba01e5c40e3cb0201c1c03aae14002a564a2
-
SHA512
a10d0f9d79bb9eefbdc410086d62c9e59b2dd06ec140820c207c8c4b1cde594eccc28a4736d0d3b13b750b269d3ee14ee6c41240ddde917d1af934eba110cce7
Static task
static1
Behavioral task
behavioral1
Sample
g1m3_Payment_receipt.js
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
g1m3_Payment_receipt.js
Resource
win10-en-20211014
Malware Config
Extracted
vjw0rm
http://6200js.duckdns.org:6200
Targets
-
-
Target
g1m3_Payment_receipt.js
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-