General
Target: Proof Of Payment.js
Size: 889KB
Sample: 221107-nrzhdsgcgp
MD5: a126b82324395f382c41e487b625e0a2
SHA1: f8dd10b261c136a3737b55e4b58fac820b4f999e
SHA256: 4ed978dd7a57e5df732c4a20a738adb245aa389abfad3ed9aa784f57325e990e
SHA512: 5d501f5fb1d8539e3da10a608e676189be21bef626ca40192c908fa3e952300ea952c7be19704575b51868e0138b7951ea2d267412d1aed9dbaf6e1aeccc1698
SSDEEP: 12288:xwvA6gJiE4/yq+fC3oFI3DvWsVhHq/06enhqq0BLS9m/XLq8Sxd:lLGyqsCzpKsTx6Lx0xd
Static task: static1
Behavioral task: behavioral1
  Sample: Proof Of Payment.js
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: Proof Of Payment.js
  Resource: win10v2004-20220812-en
Malware Config
Targets
Target: Proof Of Payment.js
Score: 10/10
Blocklisted process makes network request
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory