General
-
Target
6c823a1acd397a0094d12fd153b4c5be0f8adea23a0a66ac094842cf80bf7279.js
-
Size
21KB
-
Sample
220117-k925fshbh5
-
MD5
81971d0383fc31b12150272f4616e101
-
SHA1
009a4e24dc1eca2c5b870fe231eb51f6547406d5
-
SHA256
6c823a1acd397a0094d12fd153b4c5be0f8adea23a0a66ac094842cf80bf7279
-
SHA512
e6eb946461e72c47c943836b9a2988c296fc47c5baba76e822ad5fc5243ed1083974a1d450a6380993d4b5ad26fee84985af7a7251832f808c8a95ea5bde50db
Static task
static1
Behavioral task
behavioral1
Sample
6c823a1acd397a0094d12fd153b4c5be0f8adea23a0a66ac094842cf80bf7279.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
6c823a1acd397a0094d12fd153b4c5be0f8adea23a0a66ac094842cf80bf7279.js
Resource
win10v2004-en-20220113
Malware Config
Extracted
vjw0rm
http://warrr.duckdns.org:9997
Targets
-
Target
6c823a1acd397a0094d12fd153b4c5be0f8adea23a0a66ac094842cf80bf7279.js
-
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-