General
Target: ORDER 211213AB.js
Size: 309KB
Sample: 211213-splkzadge5
MD5: 6d1f37247016404997f0aea71bf6d012
SHA1: 13be69202507178c513345c60fbb111cb8f2ccc0
SHA256: f0df36fdbb9aa896e774335fdcaa9cb7f914682ee392117ab43a0c1d85d49a26
SHA512: b14ca2616c862569a1b5c997bc6fd09a70598d46fe2d03649ed2e05a2b5fefc82cf6e44cf13448617615c6ce8d79ca0b4e4f953cc0e0be00f9af62d877ad30b7
Static task: static1
Behavioral task: behavioral1
Sample: ORDER 211213AB.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: ORDER 211213AB.js
Resource: win10-en-20211208
Malware Config
Extracted
vjw0rm
http://chongmei33.publicvm.com:7974
Targets
Target: ORDER 211213AB.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application