General
Target: order receipt.js
Size: 376KB
Sample: 220112-llhatacbdn
MD5: d03de3b169829dbd6ef236bd3271cdf6
SHA1: 3b08980e82c82461345dc4f91253b409d160bfb9
SHA256: 8679d61b4b51babc234e22eb14808fa24cd838e920ac421befba5f0d38d762dc
SHA512: bb4993325020bad74c7170af787166d3ae355d9122bde0b71c7fc8daa2f31a9105fca2dfc6f4a53f7e68b2f8644d2b67881b8343f3cd970a9dc785ede39eed62
Static task: static1
Behavioral task: behavioral1
Sample: order receipt.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: order receipt.js
Resource: win10-en-20211208
Malware Config
Extracted
vjw0rm
http://warrr.duckdns.org:9997
Targets
Target: order receipt.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application