General
-
Target
SIBAIRQ-PD-PUR-926.js
-
Size
984KB
-
Sample
230123-pg6pdseg5v
-
MD5
23e6dafa419a763923005e18ac40b8b4
-
SHA1
8e1d466bbf8278d773c30198fd166c8f2cc95134
-
SHA256
12736919f6e945cb175325bcffb7ca8fff02db430fea5803c76a73cc2145436c
-
SHA512
9db15577ef3b80a5503c561c01914548e5c2b8a56d59673a1d48d2fa3ba205a654504adc7d297258bb70ee681e81d4b4d6367fe1d7e244ceaaff9e00780efae3
-
SSDEEP
6144:eQfPBx5q0sQ1o7rsbHC01mDBpNW2mTMSbpuV8TSLcNdxzBalYlR:eQ3B7qgpILczr
Static task
static1
Behavioral task
behavioral1
Sample
SIBAIRQ-PD-PUR-926.js
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
SIBAIRQ-PD-PUR-926.js
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
SIBAIRQ-PD-PUR-926.js
-
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-