General
Target: P.O 01048.pptx.js
Size: 113KB
Sample: 221014-gqwxjsahej
MD5: 23534d1b4a9ccc1779e33d68f1fdca2c
SHA1: 25b15d510fe0f138be1b518daf0818808650be70
SHA256: 195c5836446c7a50b2b6486b74331ba3cfd6ed143cafba073ab47f049a56651e
SHA512: f5b0cfe34cace42a7771e32ad8804ba5a0903ca63a30e01022afc8d641da62de217059ea00f277bab7d9c09a5e4bd9b15a793a4e9b85f714fc4c7f596a8cc559
SSDEEP: 3072:KA8Bisb+2/XYc0ZxO7e8/TBuEohoENU3GicdYhz0xM:mS2/oXZW1uEqbKRz0xM
Static task: static1
Behavioral task: behavioral1
Sample: P.O 01048.pptx.js
Resource: win7-20220812-en
Malware Config
Targets
Target
P.O 01048.pptx.js
- Blocklisted process makes network request
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Drops file in System32 directory