General
-
Target
eVoucher.js
-
Size
15KB
-
Sample
220625-h8c3tsdcd3
-
MD5
b4d2f443f05f58a96cb91b6d49f3a94e
-
SHA1
f91885a8a8c5acb059a33a9a2f6b137aafac117c
-
SHA256
04a29f2129342754634281d655ea4d01ee9197fdb25698a3683bf724e95af3e2
-
SHA512
b0192fee21a531e162175e2a89624a85cf5e0e10e5c8e4e982ae4a0dda43c78cbeac5cecdc5de90cb1902ddd66053cfcb4f8c230c0759148c4779f3d6b891a6a
Static task
static1
Behavioral task
behavioral1
Sample
eVoucher.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
eVoucher.js
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
eVoucher.js
-
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-