General
Target: receipt_ups.js
Size: 22KB
Sample: 211208-xzdqbsacel
MD5: 45da0659e1a6f35fc8c740dafcbb5435
SHA1: 083d64752001598e019b8a74db75f992121f7cf5
SHA256: 1b706876d4f0d013e451fecd02d7f5486650efe4593bac4e74d51d0d164d3fb9
SHA512: 0125b2f121db439fd64552e1c854d7e9fdc30c0fc3c380676c20c21987118739f6d2ff89b72a1e155d4c276ea12d12c836180a096d341d66f2c7fcc5209a0210
Static task: static1
Behavioral task: behavioral1
Sample: receipt_ups.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: receipt_ups.js
Resource: win10-en-20211208
Malware Config
Extracted
vjw0rm
http://zeegod.duckdns.org:9998
Targets
Target
receipt_ups.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application