General
-
Target
4ee050de95152e2c19c6cb90e2022199.js
-
Size
11KB
-
Sample
220831-jm3xssbahj
-
MD5
29b6e1f018ae6b6d2971f1a947006ab3
-
SHA1
2887ef3a00d9fb65bffb4870625950cc1e522f1b
-
SHA256
75c289048f2987d0147952b35842473cda0ec23c7eac7e6fd461042d0adf3bd4
-
SHA512
ea9608fd939a68bd3ff85bcd00987d31956fff1e773553ba310a4504c1753cfe0ac27567918bfcc26f50519a97ef0d96edd4e7a3ce930cf9897289fa823fb4d6
-
SSDEEP
192:MSHX72nA0b5PCIm11uw6FgnG0hjNNjmNGR45cLwEeavU3gzFuy32SwIlQKRKRQDG:rHr2RPAMZzU54flvavUwhuy32SwQQKRw
Static task
static1
Behavioral task
behavioral1
Sample
4ee050de95152e2c19c6cb90e2022199.js
Resource
win7-20220812-en
Malware Config
Extracted
vjw0rm
http://185.157.162.75:2223
Targets
-
-
Target
4ee050de95152e2c19c6cb90e2022199.js
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-