General
Target: Quotation Request.js
Size: 182KB
Sample: 211126-vkpsyadfcr
MD5: 139a802a41a3cf3b519da12477dda186
SHA1: 8ad3d729e90795304bd7920e17d3ea8f54f2baf2
SHA256: 636cb98f6293e4bebf2cc5ec0bef87f081dd9002ebbc26f0f0253ac7cfb0cee2
SHA512: c044b6d696f79e2bf766a4e0d90c488df1406ccfd327e424c2479d06970a8182041dc6912cf7df11874c88a9ce77ba4ad9d44c034dbdb5287120f4f1212d30b1
Static task: static1
Behavioral task: behavioral1
Sample: Quotation Request.js
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: Quotation Request.js
Resource: win10-en-20211014
Malware Config
Targets
Target: Quotation Request.js
Score: 10/10
Drops startup file
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.