General
-
Target
#007704.js
-
Size
56KB
-
Sample
211216-j8fpdsbeb7
-
MD5
68dd5417687b71ef0bdee8c19baf4dcf
-
SHA1
11c068485541aeaaa5d04af692971e15f075f380
-
SHA256
b59c919fbd22d951a44903cd83648ed4d26558c7a4b1f803af893bfb16cdb7bd
-
SHA512
e822bdc33d518fda04b132574b90fa379d2353135aee32c178d3e14b30337ffe4ecefceaf04778108c3dd9049fd3cdb971b828e53a9dba13e99cf776b8fcf03c
Static task
static1
Behavioral task
behavioral1
Sample
#007704.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
#007704.js
Resource
win10-en-20211208
Malware Config
Extracted
vjw0rm
http://wormming.duckdns.org:8023
Targets
-
-
Target
#007704.js
-
Size
56KB
-
MD5
68dd5417687b71ef0bdee8c19baf4dcf
-
SHA1
11c068485541aeaaa5d04af692971e15f075f380
-
SHA256
b59c919fbd22d951a44903cd83648ed4d26558c7a4b1f803af893bfb16cdb7bd
-
SHA512
e822bdc33d518fda04b132574b90fa379d2353135aee32c178d3e14b30337ffe4ecefceaf04778108c3dd9049fd3cdb971b828e53a9dba13e99cf776b8fcf03c
Score10/10-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-