General
-
Target
RFQ-IT0270622.js
-
Size
45KB
-
Sample
220628-l7x86agffr
-
MD5
73ebe36428d76dbf0c6cafeb53997452
-
SHA1
d4e9fe5400a8bc9479c3125bca374f2ea41ee60d
-
SHA256
3f66800a90cbe076d95ea44430d0e6043e611bec0cab4c9ab0b7f3658a99b3fc
-
SHA512
7756cdb512ee9b4765cbfb124023a6527fde055f4123e2c718a0c978b0115688a6d46a607f5509063c9acea9338517a527e04ce8cee5bd9030c0a720d0976de9
Static task
static1
Behavioral task
behavioral1
Sample
RFQ-IT0270622.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
RFQ-IT0270622.js
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
RFQ-IT0270622.js
-
Score
10/10
-
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-