General
Target: jyahaoabcs.js
Size: 953KB
Sample: 220617-sl48xacdfl
MD5: b0858d86fb22aa01d7ad40ef5ab0b069
SHA1: 6c6c7a2f34149a8702d2ae401294291d38c064a0
SHA256: 0055c6430d720c28a449fd9df4d9fcb440dfec67f3eff217adfd6e0a2fa97bd0
SHA512: 980423d2379677a469205c1119cdd323ea36331d53aa46eae98c5fedf67be2cae7023e63e14e7ffb1bb40a378ce3f700f6facfd5edb6a14dba531daddaaba8d6
Static task: static1
Behavioral task: behavioral1
  Sample: jyahaoabcs.js
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: jyahaoabcs.js
  Resource: win10v2004-20220414-en
Malware Config
Targets
Target: jyahaoabcs.js
Size: 953KB
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application