General
-
Target
receipt_usps.js
-
Size
22KB
-
Sample
211219-ksrmdsghfl
-
MD5
42c752340356522cee767e5c2afe5f7c
-
SHA1
153c7a7151a22ae7cb895a64cdaa2ae4bcce6cd4
-
SHA256
02a75696ab10f5203c0ef720767311d56aa63fb80a3a2191f134a944a84d421b
-
SHA512
f1c72c16f667597bc39df48fbcf4c7614c8c8f31d75981e7edf9f463d88f7137b74fb44c11222eec6f32aa2e35eaf31e49ad2ef319191c943d0fde23efcc3824
Static task
static1
Behavioral task
behavioral1
Sample
receipt_usps.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
receipt_usps.js
Resource
win10-en-20211208
Malware Config
Extracted
vjw0rm
http://zeegod.duckdns.org:9999
Targets
-
-
Target
receipt_usps.js
Score
10/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-