General
-
Target
Scanned Copy of Documents.js
-
Size
99KB
-
Sample
220613-g93jfaadb2
-
MD5
cdff76d894ef22725144ab7674272040
-
SHA1
75236caf4b72a663b3162e327d1c13f5951ba34b
-
SHA256
8a3d204ea4edd875e4fe6e8c5b300db164f230a4783ab4d96f99b6d2c5a2f462
-
SHA512
fa0290b0a1215d2a7b0050ff4cd8b7f49d5f321b333db9743b9a02962e5f89b86fce0172ce88826c893f778f284101834f614134b501da8e196924504365134d
Static task
static1
Behavioral task
behavioral1
Sample
Scanned Copy of Documents.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Scanned Copy of Documents.js
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
Scanned Copy of Documents.js
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-
Drops file in System32 directory
-