General
-
Target
receipt.js
-
Size
22KB
-
Sample
211207-byjdjaffcl
-
MD5
324c008ca3575a7b40ebec55eb1e17ce
-
SHA1
8a6058d5da5ce7a45029eaff6fdc048eb22bccbc
-
SHA256
0fe9f33914e59398a946e711307b64ec4ed7bf13fdf466be1750a77602772007
-
SHA512
a193ab7dbca59c81526a00c2606e5825495cc5a6f4a7c0d04af6af2bfaaab0bf560bedbf27fb7de8a71476d0facd62ec9cb94a74ad1907eeb91e0cfb68d63732
Static task
static1
Behavioral task
behavioral1
Sample
receipt.js
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
receipt.js
Resource
win10-en-20211104
Malware Config
Extracted
vjw0rm
http://zeegod.duckdns.org:9998
Targets
Target
receipt.js
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-