General
-
Target
a705935e929145d90364f982002c75b7
-
Size
555KB
-
Sample
220627-qv9hwabfbp
-
MD5
a705935e929145d90364f982002c75b7
-
SHA1
5e288fa75d1cb35338107b23e34abc5b80373a13
-
SHA256
bd93c23a662de94fafd902c069a4999e651fe3333034eec1deb09c2e26a6dd3b
-
SHA512
8f472c64e9e37f837657ad612be8bf6b5d19f49e47228c270ee3ffff9c0a597d5e515e79c81c6f668fe0e2efd411a647f06178d0babddf988ddf6cbe068076d6
Static task
static1
Behavioral task
behavioral1
Sample
IMG-02100.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
IMG-02100.js
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
IMG-02100.js
-
Size
347KB
-
MD5
e869daed2a101e37df329f54350baac5
-
SHA1
82cd02f5668b730646b1ead1c23e72ccaedb56f0
-
SHA256
7d87428b37ec7ffe4e99b34737d777ba2df35b51f990488d68ecaa6521de1164
-
SHA512
12f7832246e43d77ceeaded76f82ed06ff81f95ca97bb1fe994f32479dcb365d9a43f799b5ca06fc6e791e31cf7637777b58241c93133bac8d8282e60f3c9c11
Score10/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-