General
Target
UPS 1ZF1939R0198605672.js
Size
85KB
Sample
211223-kce9esaagn
MD5
cecc5ef246b78035fd37775f6a09424e
SHA1
a7f6ca9e2ecea0a8a7dacabbdaecfe3659497f6e
SHA256
3455386680d2443e47c0931ec1ffc3f1db1f1744dd0b35d66d6a8d66f976e7d4
SHA512
df92e9c94c02bc6cf2c8d7701a5bbfd637a0516fe5c8f209f416e290e4d5fcc6aa37e0cd50e8044db74599c16380f49138b451516f98ce0bf5f990e553dc83b1
Static task
static1
Behavioral task
behavioral1
Sample
UPS 1ZF1939R0198605672.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
UPS 1ZF1939R0198605672.js
Resource
win10-en-20211208
Malware Config
Extracted
vjw0rm
http://spdxx.ddns.net:5050
Targets
Target
UPS 1ZF1939R0198605672.js
Score
10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application