General
-
Target
waybill.js
-
Size
217KB
-
Sample
220108-jjpk1acgh8
-
MD5
b8d709b17bcfaf488a6277334d5bad2f
-
SHA1
3dbebe928807dd6f9c8c828611b3a42ea598e081
-
SHA256
c7a3ba7def259f78303757d1fabe9767612d0e6f11ca55f0f5b396eec82aed3e
-
SHA512
72b63c45983c877a5c036302a41caaee7e0df063d2d07e6d7f2cfc0ef84eb1d29074ffa9b76f5ea8094078121a674465cd9ffb74110ea4b0fa4a222e6af59104
Static task
static1
Behavioral task
behavioral1
Sample
waybill.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
waybill.js
Resource
win10-en-20211208
Malware Config
Extracted
revengerat
NyanCatRevenge
macjoe597.duia.ro:3175
1e858dc786914c61
Targets
-
-
Target
waybill.js
-
Size
217KB
-
MD5
b8d709b17bcfaf488a6277334d5bad2f
-
SHA1
3dbebe928807dd6f9c8c828611b3a42ea598e081
-
SHA256
c7a3ba7def259f78303757d1fabe9767612d0e6f11ca55f0f5b396eec82aed3e
-
SHA512
72b63c45983c877a5c036302a41caaee7e0df063d2d07e6d7f2cfc0ef84eb1d29074ffa9b76f5ea8094078121a674465cd9ffb74110ea4b0fa4a222e6af59104
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Drops startup file
-
Adds Run key to start application
-