General
-
Target
70e483ab51c94cd2318fb5cb0de989fd.zip
-
Size
201KB
-
Sample
230704-hkqc9abd49
-
MD5
e395439ec5f8e5cad40e75afa9b330c2
-
SHA1
15524c9e60b7a4ae12587ad78657e4be1cea94c4
-
SHA256
0a29a1f7209a2df645142f4964d016d0b90f9e2702dd3b702bb5b2f84203b064
-
SHA512
93dc5c9b2a257ffc8340282e22c62ca7eb8a8320160bfa621acc5f556eec7e78b14368ca1acfbe1955d45caf4525b8aac4021e41bd5dc5f9842eeaea00d5ba20
-
SSDEEP
6144:l7GYBKCHDKi2pdS91Br7oxEKnHhaqa1KJ:c8K6DLeY9HnoVBxJ
Static task
static1
Behavioral task
behavioral1
Sample
ORDER.js
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
ORDER.js
Resource
win10-20230703-en
Behavioral task
behavioral3
Sample
ORDER.js
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
ORDER.js
-
Size
912KB
-
MD5
70e483ab51c94cd2318fb5cb0de989fd
-
SHA1
8bb7ff7229a9eb8230dcbdc8507e60b3403313c0
-
SHA256
a0041aa69a92b8a85e020dcf6424960e466c4e2f315a556bed9e06d870dddf47
-
SHA512
350dac5a389fbdf85c770a1d4858b2152eceb8903558f0a5b37a95bb172a987eea2c932dd9bf06bd62f813e4b334daff3d83838a9e127f1135e2c077b0cb972a
-
SSDEEP
1536:j21Ax5SP/rgoMp633kUFPyHqVfxkCx1UE8o1TQ5CAiaRgd6W0NQHMpgac+0rOMzc:Uh+vek3mUQKN
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-