General
Target: receipt_ups.js
Size: 22KB
Sample: 211213-xkswpseag4
MD5: 0dfd936ef5362d6532650276d65d140c
SHA1: 3f904ab0619f5938ac5c01aa661c4bb30a2a53bb
SHA256: 3f6cb1cc82738a84df939a7e311a487a8d7fc261fc177b00ddf26a56175fd050
SHA512: 0cef42115b23be5e6b130566854da79a13fc74ee14b02fef67f041d661ab670236297dbb692e5a55881fab83745d42d3d7c1db5705f8e5d4705623bee52c5bc6
Static task: static1
Behavioral task: behavioral1
Sample: receipt_ups.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: receipt_ups.js
Resource: win10-en-20211208
Malware Config
Extracted
vjw0rm
http://zeegod.duckdns.org:9998
Targets
Target: receipt_ups.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application