General
Target: Request For Quotation.js
Size: 184KB
Sample: 211119-x2pwdaedc9
MD5: 03f4c561554cab5c5e5f7dbf9e57f7ce
SHA1: 9c9eed80f5cc2f86e1b62ecf888dfa0f4b71516e
SHA256: 028a2581fc23163d20adea0679aa5473f04630850ea0fc122e73926ec8cb20bb
SHA512: cc217b2e40850d5ff07f4f5087d4394bf52d25c9346ab3b2de3f4df572b1fb6520ebe29058e965313146dbe5daeecaf2d98424c7a1861743f994e6382c328891
Static task: static1
Behavioral task: behavioral1
Sample: Request For Quotation.js
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: Request For Quotation.js
Resource: win10-en-20211014
Malware Config
Targets
Target: Request For Quotation.js
Score: 10/10
Drops startup file
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.