General
Target: PG4636.iso
Size: 86KB
Sample: 211206-sah7asecfp
MD5: c53604f66eb2b9c34249d0596954ff72
SHA1: 83fd38d7b8d8f5275c12b35d259f6f069bcadbb6
SHA256: a83a0eedfbf72c7be9ffa9c6463dcd2894c9a8a58e1ad159c3c53e0c5320f4d5
SHA512: 7ac47bcf2ac2d51fe561e1f030f6cb64c86a67e8d5014ac75e0ad2b4df90e91a8eeaf9147404cd22ad64e0f497098bec537316ddad5f03b647808a2d159b595b
Static task: static1
Behavioral task: behavioral1
Sample: PG4636.js
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: PG4636.js
Resource: win10-en-20211014
Malware Config
Extracted
vjw0rm
http://spdxx.ddns.net:5050
Targets
Target: PG4636.js
Size: 25KB
MD5: 3a55168bae35da0ff8a02ca13b65feec
SHA1: dcf7b48bfb2a994598d0f0a45c24121a4ee22255
SHA256: e114d03550228080f08b8053424ad98b31e285b64b5dc4d1476b93cc5a6ccfe3
SHA512: 1cb2db2a7beedcb84ade4fb6d91f5408932d4acfb94ae08fac98c7571e544af6b57475469f7f49cf4348bd8852df2bd8e5fc9b931bfa18ac38e2d447a1411b74
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application