General
Target: JAN_YDHM007391.js
Size: 9KB
Sample: 220108-jjpk1acgh9
MD5: a33c2200100fe989d76d39c7a06b901c
SHA1: 18e7b738905aa65b031b9ed913830d6bf2251f66
SHA256: b4f233164740f4664483450cd5fdc0de8c9ffff7bde6a192f2f9dd6f3844236e
SHA512: 7949b3ccbecf3c940c2cb449d26e4691e1083e2c6f5304cb29e0110aefd1fdd85f4c6a6b1c72e7e168838db4ac66d1ffaea31939d18831d0dcfd7e1b7ef174d8
Static task: static1
Behavioral task: behavioral1
Sample: JAN_YDHM007391.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: JAN_YDHM007391.js
Resource: win10-en-20211208
Malware Config
Extracted
vjw0rm
http://8945wormy.duckdns.org:8945
Targets
Target: JAN_YDHM007391.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application