General
-
Target
ad520cde82e481399b6db207334548c2
-
Size
35KB
-
Sample
220927-yyweesfedn
-
MD5
ad520cde82e481399b6db207334548c2
-
SHA1
c0833dbefefd4f8de66d1506be03e13568e2c9b5
-
SHA256
84835ff938a5f07b9bce0af90cc2a2614b35cb7dfd6691813e0a7b2c39eeb2f1
-
SHA512
71f100ac98291216a8db4fc2f5c4499a673b0cc1914b769302b9e3b03a5ad2c29a7c6d29f9dd3ffc9aa0a3941e9a51a64aac9cc1cc20cc729c2cff7122aa74ea
-
SSDEEP
768:kL+mz+v+tHnY+LpV3z++IN4vsaML0vR58yuOMi6B3J00gaoBbJl0T:89cN4v00Z58yurBZ0pBbD0
Static task
static1
Behavioral task
behavioral1
Sample
Paymenta 09262022.js
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Paymenta 09262022.js
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
Paymenta 09262022.js
-
Size
42KB
-
MD5
6719cf030d162f7c95d681b95b865822
-
SHA1
9d7e31084ae987c0e6994b0b9ddd238af1084e8b
-
SHA256
505b40fdf87ce02b9d45a54e273e9c8b28ca359a45af873a29736082e95cdc91
-
SHA512
2ed028f63bea7833c0f162b357b83a550bc413289f4fe7d7d43b3c0907db71804251b7ea62be892fd2e5869370f44f9c6f3220d082aefb7680b2dcc6eb9151df
-
SSDEEP
768:wNjCAHbvwFTWvRFEFMix1tdorH2OAH1XJLYlCH56v+1KnLmV80XD:6jdbaTWv7EFMkorWOAH1XJsCH56vwmLw
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-