General
-
Target
Order3208.js
-
Size
29KB
-
Sample
211203-pabknsbdh2
-
MD5
27a5d58d71b7828b41107a4633322834
-
SHA1
3acc210b5ad56e6965df478312663bb0e9b17565
-
SHA256
156b59073a696c468476a8c2cf68208fbf6a44efa46a7d908414fdef4ba46a79
-
SHA512
ebb6732024ae3823e418b6c16567d0f10b8aa422a135bd4de0452632334b410016c55f33444cd38a92663bd431784d9566a1b8f1ebde158f004646156036a168
Static task
static1
Behavioral task
behavioral1
Sample
Order3208.js
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
Order3208.js
Resource
win10-en-20211104
Malware Config
Extracted
vjw0rm
http://dwal-vesj.duckdns.org:6322
Targets
Target
Order3208.js
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-