General
Target: nuccxfqtsg.js
Size: 754KB
Sample: 220309-vwm4gsdhaj
MD5: 46bcdb320f406ee06ae854e27b2d429d
SHA1: 3a06a41dcc923a0cf9147041927ae411073dc48d
SHA256: fe9990f26b3ba4a65058bd83c8ff20144123a98c2d0f488c3f73cdf81ff43a07
SHA512: d45eddf5c8ead2db1107e905e722d86ad310b9e6a8659a544430f9eb32c10697a266e1226cf7a2ab6e3dbefca235db2c5f04ed059f74cdc39d18a1f67036b134
Static task: static1
Behavioral task: behavioral1
Sample: nuccxfqtsg.js
Resource: win7-20220223-en
Behavioral task: behavioral2
Sample: nuccxfqtsg.js
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
suricata: ET MALWARE STRRAT Initial HTTP Activity
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application