General
-
Target
????????? ?? ?????? Ref. No. MS-DGP-220137.js
-
Size
375KB
-
Sample
220620-lz275sedc8
-
MD5
b34c9083eed5a3f38346fa1bf618745e
-
SHA1
bdd94f1f3509a6507b280d06a240c2df1c5a37e6
-
SHA256
12ca249e9fa5ed956d072ec466416fe50cf35c4c6c481ce19e07a52ef31e1a8a
-
SHA512
347bebc6d34a940423af01ac145c6e78555ba606a80af66973bf9ab9f73f23760fc0e27569ae15df7c5f3e53cc14f8889a00d38860f3255ca0868c8196f6763b
Static task
static1
Behavioral task
behavioral1
Sample
????????? ?? ?????? Ref. No. MS-DGP-220137.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
????????? ?? ?????? Ref. No. MS-DGP-220137.js
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
????????? ?? ?????? Ref. No. MS-DGP-220137.js
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-