General
Target: #W001GHSAUOE.js
Size: 9KB
Sample: 211203-tnhy5ahabq
MD5: 36c3359bca64a2b82522683affa53890
SHA1: caf2f131cc751a5c7bdf4567cb3cc9cbd8d09518
SHA256: df4b5433be2f699b83be1bc1b006c0e04c2e455e0386a630f307086d00913012
SHA512: 2a761f26c49ef557b6354ccd40f2da848040fdbf7cd9bab22cf4264ad9c44f74e024c8de3e8e2ff5c16335e26e2bc8b67dacd223d53b69792582c4b1a83811f4
Static task: static1
Behavioral task: behavioral1
Sample: #W001GHSAUOE.js
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: #W001GHSAUOE.js
Resource: win10-en-20211014
Malware Config
Extracted
vjw0rm
http://russolouis49.duckdns.org:7903
Targets
Target: #W001GHSAUOE.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application