General
Target: File 3.js
Size: 29KB
Sample: 220616-mv4qvaecen
MD5: ab13afc905659d77f0f29094be1a0374
SHA1: f1104c4b561e7a13caaff3023638e1fd50e10830
SHA256: 70c2cfb9f3c784bbae7c67daa88805b6989beb2a502ef7574c08e62fccd794d0
SHA512: 9a1d213aaa741c8950e71b21445bb062a505a123cd4c17746ef43d3454cb999b2c2614ac5ff6826c3269110016be88d44c1532462c0caef1fe994184f65cf91d
Static task: static1
Behavioral task: behavioral1
Sample: File 3.js
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: File 3.js
Resource: win10v2004-20220414-en
Malware Config
Extracted
vjw0rm
http://104.168.7.110:7974
Targets
Target: File 3.js
Score: 10/10
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application