General
-
Target
9f303018e09204b8dfd6527ef5174978.js
-
Size
11KB
-
Sample
220830-wdz6rseae6
-
MD5
115c28eac95195cf2b450926f48c130e
-
SHA1
26a5571459de786bb24d985579276fc6863ae627
-
SHA256
e4b39a1c5610c394d850e7c7051339a7ac59640c8b32647707450ceb23d0c2fb
-
SHA512
568f77b91cf94988a97bae11bf01ebf6142bcec8d1be1262de1ddc3fd242ac110e945230302ecd6841cb0eb45b2ae1509f6032876e9ffc2e89b7e342dd4410cb
-
SSDEEP
192:MSHX72nm0b5PC9m11uK6FgnG0h9jN+mNgRqr+LuvnhivqezPu62SwIlQKRKRQDgh:rHr2DaAM/zUdZZtnEvhju62SwQQKRKR/
Static task
static1
Behavioral task
behavioral1
Sample
9f303018e09204b8dfd6527ef5174978.js
Resource
win7-20220812-en
Malware Config
Extracted
vjw0rm
http://185.157.162.75:2223
Targets
-
-
Target
9f303018e09204b8dfd6527ef5174978.js
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-