General
-
Target
bad7e710a6dc0ea01d0c38668474bb67206bef3263471e474afb302c83e46a77
-
Size
27KB
-
Sample
220206-zrv1racac4
-
MD5
6776987609a029752b2b4e5407339d1a
-
SHA1
e2e14053ac96ceef5eb76574d209750d9c13dedc
-
SHA256
bad7e710a6dc0ea01d0c38668474bb67206bef3263471e474afb302c83e46a77
-
SHA512
7a6456fe826e8b3c862d623c7170c572c94a4edb1758f4f3ac55a8fdb52f9588b04de46bceb8e4dfc22fe6dc341772639b1e9d18710bff4d565dd4f4e54997ca
Static task
static1
Behavioral task
behavioral1
Sample
PayCopy.js
Resource
win7-en-20211208
Malware Config
Targets
-
-
Target
PayCopy.js
-
Size
25KB
-
MD5
e1dbb7b7a6ecf80408eb1d3ace545a37
-
SHA1
6a68c65931c81681e4bb93cadbca46b512930942
-
SHA256
ebc4b05b8cc66eb56ecfa8457cfa10e219ac335ee379a825a9edbd445ab0a1a4
-
SHA512
834be4f3be91d68712e00363a611f92f635684dc52840b61db5d86f19204e23fbc9e6fcc94c04766c3ebc995810cced5a8b015fedf28400fcbf6ce6b233e4065
-
Blocklisted process makes network request
-
Drops startup file
-