General
-
Target
receipt.js
-
Size
22KB
-
Sample
211215-llgdhsabdk
-
MD5
31178620b92ff3a6eccf7f99d0afab59
-
SHA1
8d703a22a6759103b2a1ff50d08f467dbb6dbd0f
-
SHA256
0e8c99f0e1fd9ea10d561d07a7bb1a0e26b6ae081d1324f5549489e58f4b3255
-
SHA512
ae8f0e92c4c5acc91d3bd532b00b4ef8dcfe00b58611cbd40e0093f7402f0165095661b61f2621e0f64feba356c3fafc2f55ef892cc1f6924b79c05b2c0bbe68
Static task
static1
Behavioral task
behavioral1
Sample
receipt.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
receipt.js
Resource
win10-en-20211208
Malware Config
Extracted
vjw0rm
http://zeegod.duckdns.org:9999
Targets
-
-
Target
receipt.js
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-