General
Target: f3f971e6642a4c0b0d23c4fda5663c15e4948ba5f817dd833e92959895b94b05
Size: 2KB
Sample: 220206-y47pmsbge7
MD5: f1edc09e90f947103a5231b533d284d4
SHA1: e79ca765a08be38259734e5705694fef03e86d7e
SHA256: f3f971e6642a4c0b0d23c4fda5663c15e4948ba5f817dd833e92959895b94b05
SHA512: f32f9076390f00c31bccc57529c67ffb7e37a5cd3ff00352b50ca10453919dabbc99e6080677aa545eac07f3b066712b8631b1ea1770138e03af8e7d2d99b411
Static task: static1
Behavioral task: behavioral1
Sample: ,_Payment_Receipt.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: ,_Payment_Receipt.js
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: ,_Payment_Receipt.js
Size: 3KB
MD5: 2e4880c0a894ff9dc5936c2d5827fab1
SHA1: b6302cd52f6a81b0e72963057061df72ef4838a8
SHA256: 6bf6e8ff133c8bb105f3169405560a6c80bc36ab3addea2a603811eacdd1068e
SHA512: 73704b08e788aadb3d2d4a51e3b988cc6a26f28695eff147fac5aea54554dc7d66919e82677b518eb8136b55a0bc3211df6744220d95bd89aa11f30b552e6532
Score: 10/10
- Blocklisted process makes network request
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Adds Run key to start application