General
Target: Proof of payment.js
Size: 182KB
Sample: 211116-mkyrvadcc8
MD5: f6f383f83197dcd81059162d814d811c
SHA1: 520b5a85eaf292084572e48c61c2f58099c48e8a
SHA256: 2cb04cb6813e7b758f1fc21bb33866d83d39ddce040ec40145ec00da799afa9e
SHA512: f969adb29ddcd7260439d169fb2abf6d31d9f39d4afed150c5307a4243efa5313231729a0301238294c65584ec4576d70a283cad0bfb7fc521b302dff59bcfc8
Static task: static1
Behavioral task: behavioral1
Sample: Proof of payment.js
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: Proof of payment.js
Resource: win10-en-20211104
Malware Config
Targets
Target: Proof of payment.js
Score: 10/10
Drops startup file
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.