General
-
Target
e-Voucher#097.js
-
Size
11KB
-
Sample
220404-wtr54aecbk
-
MD5
50989521210252e5c40a143c7474a97d
-
SHA1
f9f941286ac2d38d5e24763d0176e1bdbbf3a9df
-
SHA256
ae6b4083981c16d6bb62bb3b37202464f029bb0377dc8bc082ed8372202518be
-
SHA512
1a65c17a143fbda64278cad71e020983d64fc09a589961b30700833915a169c4a879e630e7bc3c80c686b04e4ddda706d223379670de50d4c12823e4c94b0ba3
Static task
static1
Behavioral task
behavioral1
Sample
e-Voucher#097.js
Resource
win7-20220310-en
Behavioral task
behavioral2
Sample
e-Voucher#097.js
Resource
win10v2004-20220331-en
Malware Config
Extracted
vjw0rm
http://zeegod.duckdns.org:9002
Targets
-
-
Target
e-Voucher#097.js
-
Size
11KB
-
MD5
50989521210252e5c40a143c7474a97d
-
SHA1
f9f941286ac2d38d5e24763d0176e1bdbbf3a9df
-
SHA256
ae6b4083981c16d6bb62bb3b37202464f029bb0377dc8bc082ed8372202518be
-
SHA512
1a65c17a143fbda64278cad71e020983d64fc09a589961b30700833915a169c4a879e630e7bc3c80c686b04e4ddda706d223379670de50d4c12823e4c94b0ba3
Score10/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-