General
-
Target
Quotation.js
-
Size
1.3MB
-
Sample
220315-rn1stsahcl
-
MD5
69c06fd94a073383b9435c801ebb62eb
-
SHA1
0fae62beac98d2806118a831eb0eca04bf351b65
-
SHA256
925d5dec4f50c6ce6eb8bd56a51cdb123e8639f282292e3ed1b6cdd4f37e504b
-
SHA512
e24e74c11f78a6c8f27c4ba5279ca5012577a493966f883ab5c2481e88a657ad0f50ff05cef37eebd4e1e888a797d7038398b520577174cc51bd909b54eedd31
Static task
static1
Behavioral task
behavioral1
Sample
Quotation.js
Resource
win7-20220310-en
Behavioral task
behavioral2
Sample
Quotation.js
Resource
win10v2004-20220310-en
Malware Config
Targets
-
Target
Quotation.js
-
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-