General
-
Target
IMAGE.js
-
Size
3KB
-
Sample
211216-j8fpdsbeb8
-
MD5
4828f0de0d5a6dfe853ed9bc18437863
-
SHA1
c97fa294329a27d8e096f572e69b1319f644c967
-
SHA256
fbc8ed5862b8ac3766b10502bc1afef13e84fbf2b07454c8988aa2140fa5ee9c
-
SHA512
b1c58dc31b191e91d7371397e17500e704c2dbf33e5d413c31e6cd7035b3219165395cf872ef7846456efd67b88737e7fcfa944fbf94c4a956d00aff7ac97be0
Static task
static1
Behavioral task
behavioral1
Sample
IMAGE.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
IMAGE.js
Resource
win10-en-20211208
Malware Config
Extracted
vjw0rm
http://2ndversionjs.duckdns.org:9100
Targets
Target
IMAGE.js
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-