General
Target: Payment.js
Size: 55KB
Sample: 221006-l1m5lshaa7
MD5: 6d49539cab32e5d6e2f35b3b1f736319
SHA1: 53d7377abbf7420b719f63f76c66834e7636c045
SHA256: 324e965afa5e34b1ed83e39b51801f390ee8e250ae58ec929b2481ef7023c0d7
SHA512: 9fa6fa9676afaaed81a682c4aac948abb9abb03499a4db065f2fc3b2fc7f2117a6579cf2c0e7b56e89c8c1dd0c2250c9dbbcf012e680682722e7b8a780e76501
SSDEEP: 1536:W962dIp1LTaGXUpxcVC7cd/2MPCwsZ14a9zcH+IzeP8:W962CXTiI5QrZ143H
Static task: static1
Behavioral task: behavioral1
Sample: Payment.js
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: Payment.js
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: Payment.js
Score: 10/10
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application