General
-
Target
6bb91325ed23a3572bbca3737d095899.js
-
Size
12KB
-
Sample
220831-wzcbtsbge4
-
MD5
5e50d7eed8b0d49867af9c2b3cf4454d
-
SHA1
29b8db0f9d6d9c73efcd0fe5a8d1256858439383
-
SHA256
0662817ec5b53423f0381aaabc766361c981278004cdf2bec2fb07bf4896cce8
-
SHA512
50bb5566015d2ddec836bb624a9393623ea19fc335bbf5beb9592feedb59be9a959644c0b76f870865be67e0461a898f89009fa4bf0a24596d0036de84a2fa66
-
SSDEEP
384:rHrA8+OA9t1Xr6HHbsPpqy9J2SwQQKRKRQDTMJ:rHrFkESzzwQ0QDTMJ
Static task
static1
Behavioral task
behavioral1
Sample
6bb91325ed23a3572bbca3737d095899.js
Resource
win7-20220812-en
Malware Config
Extracted
vjw0rm
http://185.157.162.75:2223
Targets
-
-
Target
6bb91325ed23a3572bbca3737d095899.js
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-