General
-
Target
1401-4061-pdf.js
-
Size
138KB
-
Sample
220628-l3dc7agfdj
-
MD5
8a5e28d0a4a55865ee0aa1d4c4a14c7e
-
SHA1
c42cf3a4993b9a7fe7d0ad9ea788a6f7744ccff7
-
SHA256
942072bbb5d710fb261e082bf5ba051d7fe03e27fd7c79188712614bb24c131d
-
SHA512
ed78f4a71bd17d68fbe44cca7056fad6f653367afda0f6a3f9b6127ece981c754c6f07ee26a69486f3fb5760c3fecfc1c60b46b5ee79739cac02e1f89eb0e0af
Static task
static1
Behavioral task
behavioral1
Sample
1401-4061-pdf.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1401-4061-pdf.js
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
1401-4061-pdf.js
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-