General
Target: Documents.js
Size: 156KB
Sample: 220614-j555wachbm
MD5: 6fef27b2d092e699fe963ced538647d7
SHA1: 92f5af7e88153a1cb884a23644366a139ff0941e
SHA256: dc53423d89187d301bdadfcab2eadaea50860e6262fa5f3684aec110b1d6c660
SHA512: 022d4d61547b63eff7c6c9400bc965c5f1999475c6a508f6bcbc3aaefb489a55609edabdec243285b904094e9c7ab4d9026dec6897b4bb3268549ce258fa14e2
Static task: static1
Behavioral task: behavioral1
Sample: Documents.js
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: Documents.js
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: Documents.js
Score: 10/10
suricata: ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm Checkin UA
suricata: ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm/WSHRAT Checkin 1
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application