General
-
Target
PO00921778.js
-
Size
102KB
-
Sample
220617-kbvbysdfd7
-
MD5
0c202ad80846938dac13198b15f13e5e
-
SHA1
b50ac1c8e51a23ff90934841874e3f3b9ec0d9f5
-
SHA256
165e72eeb78cbe4e36f321fe478c5f24e1e9905e8b8f5587261c2d564e676857
-
SHA512
aae8334e7ea0ba84590a72f9315b1d4feb3f00c23af420e03fc7fdbd632cfd63ae4d6ee3c0039897f2579f32558066b4518a75f82cc4063d03e2b45402f14379
Static task
static1
Behavioral task
behavioral1
Sample
PO00921778.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
PO00921778.js
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
PO00921778.js
-
Score
10/10
-
suricata: ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm Checkin UA
-
suricata: ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm/WSHRAT Checkin 1
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-