General
Target: 52220106202022.js
Size: 107KB
Sample: 220620-lbbehsebf3
MD5: 05d29ef471cbead69dd8c6f56a900004
SHA1: fa017cb4a1ad381d6b0569f7ec50791822350ba4
SHA256: ca905686651e423399d864687173d5472e4ecdbc76ea201b46d23012c799b617
SHA512: 81f86970b830533d080e1627ffbb2bb4148a71b0bc9692553928f5f6671c4c8b2bc2d7648adb3b6d61bab2fc8437ab9ecff344d382af2701645b5b9e17eefd08
Static task: static1
Behavioral task: behavioral1
Sample: 52220106202022.js
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 52220106202022.js
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 52220106202022.js
Score: 10/10
suricata: ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm Checkin UA
-
suricata: ET MALWARE Worm.VBS Dunihi/Houdini/H-Worm/WSHRAT Checkin 1
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-