General
Target: Purchase Order.js
Size: 182KB
Sample: 211117-hcxscseedk
MD5: 8826c639ae62bff0d5dd539b27e644be
SHA1: 361925a599cd93ecdccbaa198259e867c6149642
SHA256: 164adfc0ca7532418e87f0ddc2d511b2cd301883453848614d0d32ab3b407ae0
SHA512: 4e76f4e72c2cc8bbe06ed4b4faba04bccb22999327f27d38ba6e988d366881fb0b56728b11fffa4b677f7829c7cb6a3daf94e857eb0c1cfa7570ffc11d60238a
Static task: static1
Behavioral task: behavioral1
Sample: Purchase Order.js
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: Purchase Order.js
Resource: win10-en-20211014
Malware Config
Targets
Target: Purchase Order.js
Score: 10/10
Drops startup file
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.