General
-
Target
4988109_Payment_Invoice_Receipt.js
-
Size
81KB
-
Sample
211206-hjmkzagcc4
-
MD5
f3592ef1ba926bbbe23fd3733d65c4d9
-
SHA1
d38daa37f82b1da083d88cd5b4d85962b07e1589
-
SHA256
505998d8cb3f4b56a9551138bac8262da3be7813c05b932ebae7eba9dbadc938
-
SHA512
638de28505536930c4e78aa3cdfd97cd9580efbfd0bc6b534ab9f715227c563eba6b33068910766253c822c2d799e0ee650426488495274e49377b77e000c14e
Static task
static1
Behavioral task
behavioral1
Sample
4988109_Payment_Invoice_Receipt.js
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
4988109_Payment_Invoice_Receipt.js
Resource
win10-en-20211014
Malware Config
Extracted
vjw0rm
http://3000js.duckdns.org:3000
Targets
-
-
Target
4988109_Payment_Invoice_Receipt.js
-
Size
81KB
-
MD5
f3592ef1ba926bbbe23fd3733d65c4d9
-
SHA1
d38daa37f82b1da083d88cd5b4d85962b07e1589
-
SHA256
505998d8cb3f4b56a9551138bac8262da3be7813c05b932ebae7eba9dbadc938
-
SHA512
638de28505536930c4e78aa3cdfd97cd9580efbfd0bc6b534ab9f715227c563eba6b33068910766253c822c2d799e0ee650426488495274e49377b77e000c14e
Score10/10-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-