General
-
Target
8b51c81b1120f90f7a834757e8f471326f7c5468fd3404c24ecd047d16036782
-
Size
108KB
-
Sample
220205-qd47tsbhdk
-
MD5
300b7aff514d9d72891455bbe545718c
-
SHA1
15a54c02c8787b9a7057a5542194dd1b4ad82644
-
SHA256
8b51c81b1120f90f7a834757e8f471326f7c5468fd3404c24ecd047d16036782
-
SHA512
ba451e21e2b26e101e87414252024acb8baa5e8f40c03e747636f0c0652a5df3d5aa86dff490d43149809af09d1d42286f1ac554e7bd35209827c2ec4fda2f2d
Malware Config
Targets
-
-
Target
8b51c81b1120f90f7a834757e8f471326f7c5468fd3404c24ecd047d16036782
-
Size
108KB
-
MD5
300b7aff514d9d72891455bbe545718c
-
SHA1
15a54c02c8787b9a7057a5542194dd1b4ad82644
-
SHA256
8b51c81b1120f90f7a834757e8f471326f7c5468fd3404c24ecd047d16036782
-
SHA512
ba451e21e2b26e101e87414252024acb8baa5e8f40c03e747636f0c0652a5df3d5aa86dff490d43149809af09d1d42286f1ac554e7bd35209827c2ec4fda2f2d
Score10/10-
Ostap JavaScript Downloader
Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, inluding TrickBot
-
ostap
Ostap is a JS downloader, used to deliver other families.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-