General
Target: eReceipt.js
Size: 7KB
Sample: 220714-3f73qaegg6
MD5: c6e1e11d1f9f05501b0eea97141302fa
SHA1: f80eeea1b2414c1438a53eccec4065913fb76ee2
SHA256: 44aec011118a0f9692f2f7a53d9dfeb70835c8c1cf80338f48833c65d625ad80
SHA512: 4f22da1454bd9c35e8722f6568d0d5ebe2e25c3a0269821e17d1ff92cc905db70dd63f545a2c9257ef374ffc0f52fa80b585166023345e913249fc51d0ccd8db
Static task: static1
Behavioral task: behavioral1
Sample: eReceipt.js
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: eReceipt.js
Resource: win10-20220414-en
Malware Config
Extracted
vjw0rm
http://zeegod.duckdns.org:9004
Targets
Target: eReceipt.js
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application