General
Target
f24f9cffe9e9673cd1dd71a3b2b3f904a7a44bc4d4cc085362450f51e9623a5c
Size
3KB
Sample
220208-azs4pabce6
MD5
4e26f170870b1674d344256f4f674648
SHA1
7ddcaeae146d2c58203360880243fec8c9486cfc
SHA256
f24f9cffe9e9673cd1dd71a3b2b3f904a7a44bc4d4cc085362450f51e9623a5c
SHA512
c9c5dedcb802413217d3cb97afec7a2cd3ce154ddf6288f04c743b5cf0892035b555b4c3886a1a3ce061d3a737a254b08d9ca6a690e3b552e0db878c53bf35d8
Static task
static1
Behavioral task
behavioral1
Sample
Voucher_4093.js
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
Voucher_4093.js
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
Voucher_4093.js
Size
9KB
MD5
5232adca452765d2f6f4d552afdc6230
SHA1
f6e0fe80b48f1a5022a864552be66acf42e91091
SHA256
87ac3e5dc3d4a3bf8aba37d4c994d2574187cb21118182d7b25ac167ec421d33
SHA512
bc8c478e5a86733d0101a6a87bf7b1acb870f31dc0df0ef5909a069aa3833b4d6fd124b146b4658686e2a0b932071ea55120147e2736c2a85729a7ac5ee18034
Score
10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application