General
Target: FedEx Parcel.js
Size: 695KB
Sample: 220112-lkyleacag2
MD5: 25347150c3d5dd7d1171fc6f94b21b45
SHA1: a858f60387b3ef131a91c1f73f68b118cfb50553
SHA256: 4a75b07b5f7c1f7599015b0ea64ecd40403733293a3c36ceb8be0b893af6e732
SHA512: a0113dcfee998c4755ce7444f0193099a6391c012f2ba66713c7320e03b0f3101edc8fbce7637f7e5716565dd9a75a0f62e411eb7f42692197969c9822a2fe82
Static task: static1
Behavioral task: behavioral1
Sample: FedEx Parcel.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: FedEx Parcel.js
Resource: win10-en-20211208
Malware Config
Extracted
revengerat
NyanCatRevenge
macjoe597.duia.ro:3175
1e858dc786914c61
Targets
Target: FedEx Parcel.js
- Blocklisted process makes network request
- Executes dropped EXE
- Drops startup file
- Adds Run key to start application