General
Target: Receipt #43645488.js
Size: 51KB
Sample: 211221-j6pvaacfa6
MD5: 1587a7855b342770c687c789959c6b99
SHA1: 07b97a47e3e409e9635debe66087afcef57194a6
SHA256: 1ddb17729c8fcc03d0b2f3289463ed3032b5af85a0628f842b095a26bb066c59
SHA512: 9c71fe1839dc5c45a42364c9626b9237cf078e9cb9ffa5c92d44ea68bfa414226f19341e546cf86c57d17e724f82176ad1d73f1f4d8ffe849f777b4e98963035
Static task: static1
Behavioral task: behavioral1
  Sample: Receipt #43645488.js
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: Receipt #43645488.js
  Resource: win10-en-20211208
Malware Config
Extracted
vjw0rm
http://ecolo.duckdns.org:26008
Targets
Target: Receipt #43645488.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application