General
-
Target
n2m18_Payment_receipt.js
-
Size
81KB
-
Sample
211026-s77k6ahhc2
-
MD5
b52fe288ee67ceccaeee80dc4749c358
-
SHA1
38c1641f3aa617170306572bfd41e8a30b42d693
-
SHA256
0aeb9b8280cf3a77ec5e44ff5b3866aa17f011a1e0b47dd7b70133d8fd607b56
-
SHA512
dbf83aee7ad7a2691883226a5a960a3b7e7484fcc96a4023572f30e4e34e35647ecf52b918f5323f625a474183bf716e01ab580ab13329d56638677643418c43
Static task
static1
Behavioral task
behavioral1
Sample
n2m18_Payment_receipt.js
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
n2m18_Payment_receipt.js
Resource
win10-en-20210920
Malware Config
Extracted
vjw0rm
http://6200js.duckdns.org:6200
Targets
-
Target
n2m18_Payment_receipt.js
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-