General
Target: PO N°CF004303.js
Size: 45KB
Sample: 221123-q1t1dafd37
MD5: fb075b3dbae613fee795bef80bf3eebc
SHA1: f9156e2680111c34a5a56cc3fb36d86742db6ff8
SHA256: 9060f5e5675f06ff2744114c852ada2f5b146144cec99457f7435c529426fa81
SHA512: 2e0a57c232afd7516fe98a2a27eae9d8dd97097a9f580a742faa6979a9ab492ef3c1d55de7fb429854482447f7ada6c61a9de171747a4152196aaf711ecabe9c
SSDEEP: 768:NZLXAlESuz9e/oRmQSL0UvOcVzNf37JxEJNvsgiyYO1x:4iS9/wmQSLQWfX+UAYOH
Static task: static1
Behavioral task: behavioral1
  Sample: PO N°CF004303.js
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: PO N°CF004303.js
  Resource: win10v2004-20221111-en
Malware Config
Targets
Target: PO N°CF004303.js
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application