General
Target: eReceipt.js
Size: 20KB
Sample: 220923-gzygqshcdl
MD5: e07134ac3929d76845a48a0eba4d80f3
SHA1: b386428d0df6b2e9c89f9ad2bc45f169e6e57e57
SHA256: 1a49aaae2ba16cc05a96ebe87a81a5cd20de012e6970f3e252dbaf8ee99d3381
SHA512: 981b1a54fdfeb67ea8d3023805f6810b66ee0a8a1741ee95816b07e0a4aad844318363aecab74e56478d3ced12002d0ed7b5115f1d333da32fa2489462bc7341
SSDEEP: 384:QTjoy68n6K6HGIW6ghWKW6zYaJ7fhlnTao3jAq7+pQh/iNbGgTwO3kV:wnd6cpTVplZgbGgTwOUV
Static task: static1
Behavioral task: behavioral1
Sample: eReceipt.js
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: eReceipt.js
Resource: win10v2004-20220812-en
Malware Config
Extracted
vjw0rm
http://zeegod.duckdns.org:9004
Targets
Target: eReceipt.js
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application