General
-
Target
6cd17b20fb0a6919e6b441904e5c92c326a44c2d05c65e4f2929f67172deceb6
-
Size
1.2MB
-
Sample
220206-s8elrsbdc5
-
MD5
f42606ebb28ce568386f96f29342f62f
-
SHA1
8f23c505177063ade623a482c96efe4633dfa69a
-
SHA256
6cd17b20fb0a6919e6b441904e5c92c326a44c2d05c65e4f2929f67172deceb6
-
SHA512
c5360cd7470891db65d31b7f1f08bfe5405907a8bfe0a47e1d8b655f24c61353c6737f5b5170c9df6fca3a77da3e686e2d052724992125600aa9f2348dae3e67
Static task
static1
Behavioral task
behavioral1
Sample
ADP_INV_.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
ADP_INV_.js
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
ADP_INV_.JS
-
Size
3KB
-
MD5
84ff68b6acab9e2fcdc86c042be45439
-
SHA1
dff73b1866bcb0d42aca4bbf89bb6a909fa8b086
-
SHA256
5f05557ff4babe05f0d4842de6a67eb3e951af6c42a27b7fa9663b7ad18e5aba
-
SHA512
d5b57189a3a108774982d18b86f8c3f7ed510b7595d31cd8e268a0804f7c903a76143d970e9df77235760cefe75ef9ac94594bffb7c07d19b50c5af2dcb63651
Score10/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-