General
Target: RTK009ENF.js
Size: 61KB
Sample: 220208-bt5qzabfdj
MD5: 4aeac345ff0d52f7ea2e9a9b9de73cb4
SHA1: cb3c9866359b2db03f80f9715cc84a3d9e743f12
SHA256: 16ee8787395039445c472df4c45834ac3e6299f753764dbe27b9bc031e383a9b
SHA512: 266a5a3ac9c6c88325f5234ad16918db5b936aeeffed41d003d340a3c24b05974fb78bb7575f00bff50b6d01da2a0b57d548d4bd51b8691540d982249c7bd6c9
Static task: static1
Behavioral task: behavioral1
Sample: RTK009ENF.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: RTK009ENF.js
Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application