General
-
Target
2.7z
-
Size
135KB
-
Sample
230123-qdcsksdc85
-
MD5
4c7bf967dbd873aa146e6eac6326bbce
-
SHA1
c6b12d2adac2da73f2411cacbe9ceb9c6fa412bb
-
SHA256
5139042abdffe2246bdb46ad71300c9271194697d85741bccaaab4977fa02783
-
SHA512
273973b61b6e9c6c7352c4c6d7b6298397a1878cc20629789c5303bb28e7a454aacc3587a83b51c1dca82a5a033b3d1264e08243229d4ff012d0b7ce4034abd0
-
SSDEEP
3072:yFV8hrM68KK5YsHeqqzh0feSm8wVP7tFO0ZuYIubO2e4yEk5:8Varj8KK5Yaqzh0G8wVP7tFXZuHo6
Static task
static1
Behavioral task
behavioral1
Sample
1.js
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
2.js
Resource
win7-20220901-en
Behavioral task
behavioral4
Sample
2.js
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
1.js
-
Size
40KB
-
MD5
f297762186cba5a11c2d09c66b61ae97
-
SHA1
5a38dcaac81399d9d6c2bbbac0cc601e4a6950d9
-
SHA256
ef8acdcee4cf21c8a88af63119596dfe7b4971b53d4e96b0a05500c7ae50b1d3
-
SHA512
b6ff2066d8d091f9b64b60b9d48a604ebd6dc038877aa6764d39db7347d5173debe4ab46ddf94d09d93777bb3d696f5c7a2b33469ac2a84b83fdffed27cadc32
-
SSDEEP
384:4EZdlKCY9L+gGpL0trwZxyHa9q0w7cft19UQ1+e9d0dpcbg:42ladGpLgwKGRF1eBcbg
Score
8/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
2.js
-
Size
984KB
-
MD5
23e6dafa419a763923005e18ac40b8b4
-
SHA1
8e1d466bbf8278d773c30198fd166c8f2cc95134
-
SHA256
12736919f6e945cb175325bcffb7ca8fff02db430fea5803c76a73cc2145436c
-
SHA512
9db15577ef3b80a5503c561c01914548e5c2b8a56d59673a1d48d2fa3ba205a654504adc7d297258bb70ee681e81d4b4d6367fe1d7e244ceaaff9e00780efae3
-
SSDEEP
6144:eQfPBx5q0sQ1o7rsbHC01mDBpNW2mTMSbpuV8TSLcNdxzBalYlR:eQ3B7qgpILczr
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-