General
-
Target
INV.-OUTSTANDING-PAYMENT.js
-
Size
1.0MB
-
Sample
221212-vhzv5abh73
-
MD5
35d64051bf6acabd18e873e66bdfb490
-
SHA1
78869aa750d9432e1ebb42b9b547050b547ae830
-
SHA256
f270c7cc173c3a2a62b8e608ec403d7fb7d999befd63a090e1d70cd645dcab09
-
SHA512
107b5a20c2a14170d47b9f2b35538d1ac6a792deb1a1d6372f46739d99df43fa3cfbc57fd5283bbdf4ba8aa44d89e6e26e918f5fe018701291c06128629a77bc
-
SSDEEP
12288:FIGmIto4qvCwQqrkN0a13GrVVoMn8dp+lxYNI9D6gMGuU+0S87i7xIYFBzUQTMCK:3MXoNQPkzGsy6uuU+kMDmvJ
Static task
static1
Behavioral task
behavioral1
Sample
INV.-OUTSTANDING-PAYMENT.js
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
INV.-OUTSTANDING-PAYMENT.js
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops file in System32 directory
-