General
Target: efcdeefba79358f7c7fe176e3efb65513b34c5c4f4e0f12192dfb544149105ba.js
Size: 66KB
Sample: 220312-krbvjsaee2
MD5: 42d55b6f9eca214d8322f6f8d3fd97fa
SHA1: bba7f2f09e21e94170771276bb543056a9fafa15
SHA256: efcdeefba79358f7c7fe176e3efb65513b34c5c4f4e0f12192dfb544149105ba
SHA512: 7376cfa00a4bece9614c98ccbc0bccf2de0f7949564d5ec219338871c1dbf27a930383e10b11e709df467ee6512c658830106de2861b6ab8319c2db4ff5601bd
Static task: static1
Behavioral task: behavioral1
  Sample: efcdeefba79358f7c7fe176e3efb65513b34c5c4f4e0f12192dfb544149105ba.js
  Resource: win7-20220311-en
Behavioral task: behavioral2
  Sample: efcdeefba79358f7c7fe176e3efb65513b34c5c4f4e0f12192dfb544149105ba.js
  Resource: win10v2004-en-20220113
Malware Config
Extracted
vjw0rm
http://zeegod.duckdns.org:9998
Targets
Target: efcdeefba79358f7c7fe176e3efb65513b34c5c4f4e0f12192dfb544149105ba.js
Score: 10/10
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application