General
Target: 6b4867e44bbf1e541c6adceacc336fa9.js
Size: 11KB
Sample: 220901-r5ab7sfafl
MD5: ecc010e3891a10b483072242e09797ba
SHA1: e7c711d77718c65640033db9b5887e80d073d80b
SHA256: 9b8749981b6edc00313459a909eb91377f42580f17fe1831fc994f2dbb8e9ce7
SHA512: c7e1a697bbe457783acfc79da5128008563c64f75ca8027cab33191ac58cdd747f01a94ce0875cf0cf66fae7f1c5397cbc7948b040eba59b6493d057c5ec9554
SSDEEP: 192:MSHX72nN0b5PCi3m11uL6FgnG0hu+NVmN3RJizLVv9v9/ziulg2SwIlQKRKRQDgh:rHr2mvAMmzUTKKlv9vpmulg2SwQQKRKt
Static task: static1
Behavioral task: behavioral1
Sample: 6b4867e44bbf1e541c6adceacc336fa9.js
Resource: win7-20220812-en
Malware Config
Extracted
vjw0rm
http://185.157.162.75:2223
Targets
Blocklisted process makes network request
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Drops startup file