General
-
Target
SEIjqoLyloVjnew.js
-
Size
138KB
-
Sample
220620-bbg7ysbff8
-
MD5
7cddd1ada20deef4be9176c2ab1d87d9
-
SHA1
ea4f9c24abaecb0662b912c86a06b4fc019d5aa8
-
SHA256
c93f922e9a0be35410e250a03c5c557281a73dd5c648246e1de3340d27222422
-
SHA512
296679275883a4f60fd46521a64138613594aa0eb5a34dea159f47bfc7f429258cf3838b91030e3aa3be501e3b484bd9ed94bbe8521bf97b5b965f75b0153385
Static task
static1
Behavioral task
behavioral1
Sample
SEIjqoLyloVjnew.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
SEIjqoLyloVjnew.js
Resource
win10v2004-20220414-en
Malware Config
Extracted
vjw0rm
http://araz50.servehttp.com:5865
Targets
Target
SEIjqoLyloVjnew.js
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-