General
Target: HZffcLxJaQ_Tadexax2223.js
Size: 6KB
Sample: 220827-sk6qcaddd2
MD5: 07450b663165ff09ff1b5c7484612cb3
SHA1: a5f38e9e7591400df6b60d5b836e5df474162590
SHA256: df92400c7aef8c073404ea0f079da19b3ddde79422e4290356b85471d50655a7
SHA512: 6e0954ad5b35139d02bffb2e0076cbd75c76444529a334fe6971a939ed9f36b0361ba1ecdba4c30c80e3a0b6b9df2f3e9728523ecdf3ab7e53637979ad43b901
SSDEEP: 96:vzAJyxsV627pkjWgdFBlC6nHrSJeoSVdCF1rYCrY9U1m43wi4C4ywkZlxv71:vUJY46272igFos+JFSv1JaDZlv
Static task
static1
Behavioral task
behavioral1
Sample
HZffcLxJaQ_Tadexax2223.js
Resource
win7-20220812-en
Malware Config
Extracted
vjw0rm
http://185.157.162.75:2223
Targets
Target
HZffcLxJaQ_Tadexax2223.js
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-