General
Target: PG4636.js
Size: 25KB
Sample: 211130-xam8gafhen
MD5: 3a55168bae35da0ff8a02ca13b65feec
SHA1: dcf7b48bfb2a994598d0f0a45c24121a4ee22255
SHA256: e114d03550228080f08b8053424ad98b31e285b64b5dc4d1476b93cc5a6ccfe3
SHA512: 1cb2db2a7beedcb84ade4fb6d91f5408932d4acfb94ae08fac98c7571e544af6b57475469f7f49cf4348bd8852df2bd8e5fc9b931bfa18ac38e2d447a1411b74
Static task: static1
Behavioral task: behavioral1
Sample: PG4636.js
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: PG4636.js
Resource: win10-en-20211104
Malware Config
Extracted
vjw0rm
http://spdxx.ddns.net:5050
Targets
Target
PG4636.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application