General
-
Target
receipt_ups.js
-
Size
21KB
-
Sample
220115-k8gr5adeg7
-
MD5
3cb72fb2eecf9208f62bb98cf027fec0
-
SHA1
8922e85a7f7931db9f1e26dc335668e9c2b7cde7
-
SHA256
2b83134f50ad679ab13f2f9cd9f92407cec2d50cac1a76fbf4d5982f2349da68
-
SHA512
a25efc05b34464df63f282b841bdff9a0e8feafc0ff70d0c3de2f6576c7c0d1a2d40e5db15dc6335fb3de8c9441791f8acf2f0b88f3780c129daef80eaa532c3
Static task
static1
Behavioral task
behavioral1
Sample
receipt_ups.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
receipt_ups.js
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
receipt_ups.js
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-