General
Target: IMG-02200001.js
Size: 14KB
Sample: 221005-l6smaaeab7
MD5: abe454ff73cc47686a8dc9a80d42b764
SHA1: a2b1ec806ab1d131aaa736bd6f8825f9bd8e303c
SHA256: 7fb2e5a6bc97c04d0fab46503ebd49d6b809e04506c06734c9c1e8584059b6a9
SHA512: 3fda2a1c37880ccfde59c7dc6e94938e51ac3e83b7c79c3a166173318178714ed195b54bc8f66d5a56cda89d23ccc9a958a9dcc0f7f1ef49c00ec3fed1c11330
SSDEEP: 384:8EVAFXOaE6YD+f0UELie88fbKbPySqewMtYevFSr7:8EKFXOvYMWXZbPVqRuSr7
Static task: static1
Behavioral task: behavioral1
Sample: IMG-02200001.js
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: IMG-02200001.js
Resource: win10v2004-20220812-en
Malware Config
Extracted
vjw0rm
http://severdops.ddns.net:5050
Targets
Target: IMG-02200001.js
Score: 10/10
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application