General
Target: c9773c0e6400723de53caa5fa8688975700ad7e6401630c202174e0014b57e58
Size: 1.2MB
Sample: 220206-jl4spsggaj
MD5: c43168b1b2dd02c6f36195f78ff2965d
SHA1: 492465ca494a1432fc6ab143ccc61dcca5b1bf46
SHA256: c9773c0e6400723de53caa5fa8688975700ad7e6401630c202174e0014b57e58
SHA512: 63afba2ddd7779544ec118c8c1a2338ba116b8691f2911c34a0d1509aff072e5ac6efeba536918ef61eb5d46c4725023278ccd3391890242966edf0fad4b220f
Static task: static1
Behavioral task: behavioral1
Sample: INV__904.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: INV__904.js
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: INV__904.JS
Size: 3KB
MD5: bd2ef974ff2ac7645c9c1249c6f09c67
SHA1: 2f91d738794f8dc4e18e61d2ebd138e9cee26118
SHA256: 999b0576efee65a6c79f2fdc6e6f0d3aca3965d9e3f6193d88d452a5f507fc4e
SHA512: 65d7b23e6b0d99c73b6a0b8588c15c84ecfd3a5e2aa6e6cbeb4e2204479881b9587cc5dd84d097a1a4a95182fc83c0e41ab4683bab1783af6528e78eb7946303
Score: 10/10
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application