General
-
Target
eVoucher.js
-
Size
29KB
-
Sample
220712-lycabsfha3
-
MD5
48d9924ce427fdd657487fdf2858f7f9
-
SHA1
4e6d949dfbc65d7abfae5fe2f4302c556ac0a54f
-
SHA256
d339b022589120edd727f6c3307e0df5851d4073f4d8f588116cf9f49512df9b
-
SHA512
d56567298581bbdd414b6d35448d0a69fc884994abf843e030fffb4337cf9122f66f10744cca4ad6745260912569fc5ef1d36d6051952c407397e7602e71a303
Static task
static1
Behavioral task
behavioral1
Sample
eVoucher.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
eVoucher.js
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
eVoucher.js
-
Size
29KB
-
MD5
48d9924ce427fdd657487fdf2858f7f9
-
SHA1
4e6d949dfbc65d7abfae5fe2f4302c556ac0a54f
-
SHA256
d339b022589120edd727f6c3307e0df5851d4073f4d8f588116cf9f49512df9b
-
SHA512
d56567298581bbdd414b6d35448d0a69fc884994abf843e030fffb4337cf9122f66f10744cca4ad6745260912569fc5ef1d36d6051952c407397e7602e71a303
Score10/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-