General
-
Target
PO-DN000379490.js
-
Size
11KB
-
Sample
220830-e79tmabgfj
-
MD5
3b6757f7479a3abb443017e949594fc4
-
SHA1
19fd933953ad9595f265e3a0496be80d124a443a
-
SHA256
ff0a094fcf2a8190c359f54bb9dcb7175f864a4ef4d5a59a7bae6f2cfa6ba480
-
SHA512
6f53f70119a6d703703ceac1aca86e6b4433979096b0fa7933c01ddfba71666eb38959e4541697d06764743af51a18aa5018c424fa036d40ae9741e106a746cd
-
SSDEEP
192:MSHX72nO0b5PCnm11uK6FgnG0hxrNcmNcRSjA4UlAJLSvCYT32SwIlQKRKRQDg86:rHr2b8AM/zUxHhBnJLSvCYL2SwQQKRKt
Static task
static1
Behavioral task
behavioral1
Sample
PO-DN000379490.js
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
PO-DN000379490.js
Resource
win10v2004-20220812-en
Malware Config
Extracted
vjw0rm
http://ziggynas10.ddns.net:9746
Targets
-
Target
PO-DN000379490.js
-
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-