General
-
Target
ffbde0f247e5b421587b145e6318fb71
-
Size
23KB
-
Sample
220927-yy7gpaedc6
-
MD5
ffbde0f247e5b421587b145e6318fb71
-
SHA1
78aa027167bf7bbde544c52c37f9132929d9b36e
-
SHA256
94224909ac01395150805266e1c822627db7b456c24e66a8900f737637bfdcb1
-
SHA512
cb7c5c6655164f891bf44f2051a8c2773ea84112a891d0cd42eb66358558054329866ab80070dec8f2ed7e2bf5d8371b523dd5e40ffda841deb956a21470a432
-
SSDEEP
384:0gk8rzdM29+qROvRPRRWAJuOM2xFBu0m7OsTJ0GdymcePedvlfbma22Yh+9tWo:ZaML0vR58yuOMi6B3J00gaoBbJl0o
Static task
static1
Behavioral task
behavioral1
Sample
Paymenta 09262022.js
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Paymenta 09262022.js
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
Paymenta 09262022.js
-
Size
42KB
-
MD5
6719cf030d162f7c95d681b95b865822
-
SHA1
9d7e31084ae987c0e6994b0b9ddd238af1084e8b
-
SHA256
505b40fdf87ce02b9d45a54e273e9c8b28ca359a45af873a29736082e95cdc91
-
SHA512
2ed028f63bea7833c0f162b357b83a550bc413289f4fe7d7d43b3c0907db71804251b7ea62be892fd2e5869370f44f9c6f3220d082aefb7680b2dcc6eb9151df
-
SSDEEP
768:wNjCAHbvwFTWvRFEFMix1tdorH2OAH1XJLYlCH56v+1KnLmV80XD:6jdbaTWv7EFMkorWOAH1XJsCH56vwmLw
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-