General
-
Target
receipt_ups.js
-
Size
217KB
-
Sample
220108-jjpk1adcdl
-
MD5
3cf58910eb5201dac3201d875f399c31
-
SHA1
6ececbecf3d424663818288c69882037ab261347
-
SHA256
117c5cf0e27bf23b55685767432ab6d2819a52c91423ed0eb74c221d96b6ce98
-
SHA512
98ceeabb6b4227eb0d694cce02e58700dd24375985e4e4ab728039aeb8080fa44dee8c2cdec4eb651eb582a5b422add91dd635157fbe011dbfa7ec911209929a
Static task
static1
Behavioral task
behavioral1
Sample
receipt_ups.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
receipt_ups.js
Resource
win10-en-20211208
Malware Config
Extracted
revengerat
NyanCatRevenge
macjoe597.duia.ro:3175
1e858dc786914c61
Extracted
vjw0rm
http://zeegod.duckdns.org:9998
Targets
-
-
Target
receipt_ups.js
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Drops startup file
-
Adds Run key to start application
-