General
-
Target
New Order.js
-
Size
102KB
-
Sample
220617-karvfabbbj
-
MD5
f890e7d367f88ec86a590713f93891b5
-
SHA1
a179e35efd7a8fa0eb5216b4d3e65e8e8935493c
-
SHA256
c673548131b745edf8a8ec0737790633ec0a44aef9771ac4d4ff301fd915d2e0
-
SHA512
63a9adb256314a0acc4f8491dcb6b7e4471ecdfcfc9e40a659689d5f836d2807275de15e9d44823c67a662d421a783d58f6addcef44231aa7ac029b0e450ba22
Static task
static1
Behavioral task
behavioral1
Sample
New Order.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
New Order.js
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
New Order.js
Score
10/10
-
suricata: ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm Checkin UA
-
suricata: ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm/WSHRAT Checkin 1
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-