General
-
Target
6220_837_pdf.js
-
Size
320KB
-
Sample
230705-xqpfgafc97
-
MD5
8008857b28d94bb0df9b513906ed1508
-
SHA1
d88e06d7ace9289d09a652e294c0654cfd0b573d
-
SHA256
de98a33ed6bbd7f0d48346d4a55fb7519b9d6c5afa0e1b46e97c41d0a722fd47
-
SHA512
720f41be8cbd3545d54d4a307559a460e4b2da0a75dc48914f1bd6645911cfb9a0a95f493afdb91f825d8296d2d1d578750f414a31580851a2be0d8c5a15bacc
-
SSDEEP
1536:JAYMJMMPQXgBFhHZqOQYcEp24+zVevP5e+3kGra+TmarAYvJMMPQXgBFhHZrOQYW:RgBFhQOQY06TagBFhFOQY06T4
Static task
static1
Behavioral task
behavioral1
Sample
6220_837_pdf.js
Resource
win10v2004-20230703-en
Malware Config
Extracted
http://cryptersandtools.minhacasa.tv/e/js_startup
Targets
-
-
Target
6220_837_pdf.js
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-