General
-
Target
Conocimiento de Embarque y Factura Comercial..js
-
Size
12KB
-
Sample
220830-t2hkhsbfcr
-
MD5
ea06f2c0704d27d3b063fa0440f08830
-
SHA1
ceb4f69d49e53ccab4edf7ce58734e499de1f2a1
-
SHA256
b980a33e19f4f99930c3f0bcaec5074dfb15a665192ee8816b2dcce270018851
-
SHA512
ea468f2eaf6a528a796536763a892359a5151740ad4d43d43905d5a96424929340f1cf16d4d2f3342b4f78e0a53f330b11197fa344c4c74dc91175d97dd42731
-
SSDEEP
384:rHrDck+ZF9Fymrb5NYmNBeqj3ieUzYhg2SwQQKRKRQDTMJ:rHr+Rq+j3l7hgzwQ0QDTMJ
Static task
static1
Behavioral task
behavioral1
Sample
Conocimiento de Embarque y Factura Comercial..js
Resource
win7-20220812-en
Malware Config
Extracted
vjw0rm
http://80.76.51.88:4780
Targets
-
-
Target
Conocimiento de Embarque y Factura Comercial..js
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-