General
Target: doc-4747890938378383-8837737327337278.js
Size: 18KB
Sample: 220902-rkj1xaheh3
MD5: b783b82cc239eaf339c173490582cdc7
SHA1: e1898e0b98e81a5ec225281ad5ce8177348b750c
SHA256: 13f1910bd8435cca761e58e628fbac3bbd6d96d6a734aa990c0369904ecb5895
SHA512: d7c8c2014d2b3ec6c54fe3cfbdfe9113e052d485946763e214da4fee1478bf9b7654fe8b503fe3259cab5bce91cbaa3cc925f4c0b37d8d8aa52d4e91fb83ee38
SSDEEP: 192:hJK8Gqo3ljE4KzxF47xE67QeTZMac/mCfLbCbmGW2J5dFQWNMDSn8FggHqNJE2Ej:h5E5TcF6ZXlijXtQrX9plNJEIAwCH8m
Static task: static1
Behavioral task: behavioral1
Sample: doc-4747890938378383-8837737327337278.js
Resource: win7-20220901-en
Malware Config
Extracted
vjw0rm
http://80.76.51.88:4780
Targets
Target: doc-4747890938378383-8837737327337278.js
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file