General
-
Target
P.O_ 01048.pptx.js.zip
-
Size
73KB
-
Sample
221013-1pqhxsfeej
-
MD5
47fad14271e9416dfdc5e8f6281affca
-
SHA1
fb1940c2c0d1d6fa4f05d9142bd42bd8a5d7b51b
-
SHA256
ca594f1e5cae818ffdea2f8393aad6403b72ef65cdb61cfba3328e8acd101b55
-
SHA512
bc149907fda9e0f662a1dde6cb71b9fa1e9f3f23635cb0b9b27416c4a160f87b7a41c5e16de2a18b5e60ed7512677dc24cf5112fe4010ae26fbc1c8c56f33f23
-
SSDEEP
1536:Px3KLT3CgZCdFyDHZ/QMz3ALj1Hb7KmDbiFlL0lCdxGsp:538StdF4HZ3QRPVDbiFJdxGsp
Static task
static1
Behavioral task
behavioral1
Sample
P.O_ 01048.pptx.js
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
P.O_ 01048.pptx.js
-
Size
113KB
-
MD5
773de46dffbc238da98141607513793e
-
SHA1
667ce9050a6391c54c288dd437d3aeb36d953afb
-
SHA256
b8195f7f098563005962b0b9d09553d1933af2982c47b555e2c6a46ed45d0ad0
-
SHA512
7db9aac1fd96b17e624c6c54e2205cce615b4f5f18f667f71144285c4ffdf9f53ad838ba68d815bc881f6497e69b3f9d4fa2f2bf8cc551d57cf4556df2ca4ae0
-
SSDEEP
3072:IroCuBoIBoxdwmKSrDl0hnfnN8p0tBWvJkOYQjSnn:TChxd5KcDlCc0tIxbG
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-