General
-
Target
Orders #062122.js
-
Size
84KB
-
Sample
220621-cpk2fahadk
-
MD5
45ed25eaa020cbb7cc9dc25b8a657e4f
-
SHA1
10f9b2dd8b4fb03858ac6e557c3f3b969573448a
-
SHA256
50e4af1a3329295449f1d94adc7a6e1e3ae47cf0021a5767adb9e689ace290c1
-
SHA512
471cf270dec755160eb8031c6e56f5bc1f48784235499c7a8e93c67c76f501be9a03379aba0d7c1010a2cf7800f079f5af8e81af9cdd43f3fedae9ab0122ccba
Static task
static1
Behavioral task
behavioral1
Sample
Orders #062122.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Orders #062122.js
Resource
win10v2004-20220414-en
Malware Config
Extracted
vjw0rm
http://45.138.16.233:1985
Targets
-
-
Target
Orders #062122.js
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-