General
-
Target
1ZKS82JS90.ISO
-
Size
1.2MB
-
Sample
211026-sp6k5shgf3
-
MD5
f94757efa394df69e2db679347d8dba8
-
SHA1
be6f8665728caaaf28e0e9c686a0324d36475bb3
-
SHA256
bc01af8053e12e974ed8f7bf2f0e39e7ebb608e9061e506bbeae69e2c9ca309b
-
SHA512
a1123ce54f8cf1894c4c8ca8af1fe42a7fed48876640ce13c622bb9739e337e2401701c17d5dffb85023335dbf7fca11b8d7e14aa3198df390d15df45097bedf
Static task
static1
Behavioral task
behavioral1
Sample
_1ZKS82J.JS
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
_1ZKS82J.JS
Resource
win10-en-20210920
Malware Config
Extracted
vjw0rm
http://gg1592661.duckdns.org:7924
Targets
-
-
Target
_1ZKS82J.JS
-
Size
11KB
-
MD5
57fe2a982978c1e408718062dc779ba1
-
SHA1
cacff8bc0a97889e5096b6944795ca6eeb916e8f
-
SHA256
8ffde50491ef1cfc93f417b731186a08fb6c3e5aad21f131a60b87936bd3f850
-
SHA512
9b921cb1a2fa12ac966f7e724ae38d0410efde4683b1a0dcb5f68204003e7479920d099cce6c9ce96942a52984e315f9ed0c94dcaee9c443691b26da656a6c26
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-