General
-
Target
iY.js
-
Size
53KB
-
Sample
230321-hs7x9shb54
-
MD5
36621d51e958d1e3154d1d6e81b8e93a
-
SHA1
9ce87c16dc0cad0e0fcf709edb8b0a635e82432e
-
SHA256
6239e4bf81f1fded401ed955f1f870bf1b51a1fd1916a8c7629295b3a84604a6
-
SHA512
a22da574a2d155fd66bbcc1b409cc8164785c336a3d87611af12ff57f426f2e9cdde3befc57efeea879e7bbde2ff96e2a264fd6e29a7914d251476270f847e5a
-
SSDEEP
768:wraoPeWohY+es08VMrE0Uytgk2Z9l7dabRGrpIHFLgkExBpxjwLsz/ERHAQMxqG:wramJows0XrEhobYqL6xB3MLsz/NFxx
Malware Config
Extracted
https://discountlandllc.com/uUbH/cW2ebg
https://kingzunlimited.com/VvAmv/mUioIIipJTQQ
https://smeolbd.com/ntaUX/3MDVH9cdpva7
https://odwazig.nl/xNV7x/uZMaE4mcum
https://sobanaze.com/cJn7i/0f8a0t81i
https://canadianused.com/euSgOJA/QcQ6SSc
https://getcash2surveys.com/0HFE0G/NYoKEHjWnhRr
https://onestopsilkscreeners.ca/o6g4bt1/CC8ely1q
Targets
-
-
Target
iY.js
-
Size
53KB
-
MD5
36621d51e958d1e3154d1d6e81b8e93a
-
SHA1
9ce87c16dc0cad0e0fcf709edb8b0a635e82432e
-
SHA256
6239e4bf81f1fded401ed955f1f870bf1b51a1fd1916a8c7629295b3a84604a6
-
SHA512
a22da574a2d155fd66bbcc1b409cc8164785c336a3d87611af12ff57f426f2e9cdde3befc57efeea879e7bbde2ff96e2a264fd6e29a7914d251476270f847e5a
-
SSDEEP
768:wraoPeWohY+es08VMrE0Uytgk2Z9l7dabRGrpIHFLgkExBpxjwLsz/ERHAQMxqG:wramJows0XrEhobYqL6xB3MLsz/NFxx
Score10/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-