General
-
Target
1cb72dd000981a7f72f42e187c7a9788ec3d8c972ef0b6052f65ec059cbbb1a1.js
-
Size
835KB
-
Sample
240612-bhrd7sxcrd
-
MD5
a5e17a3b0f562f722011b2025ad1badf
-
SHA1
e3e8457df8c12a7d76c021851c923fbb3f090257
-
SHA256
1cb72dd000981a7f72f42e187c7a9788ec3d8c972ef0b6052f65ec059cbbb1a1
-
SHA512
23930d5bbdc3336fe5599b39c23de6a1319d2032713866eb8bbcb54c4d91aaf4de296b1fa441b7a6bc17dad2bacedf8fd6ed7a4e0efc81a5fb23726d8c4eee7f
-
SSDEEP
768:XQ9KqO+g0ESJoOYHmxzFQi0O7I02iVuUBbS4OPtI0KIr3l9MgkmJ3Eudgis8aidB:XQfRVQgpATGGzIQ1DQ8lU+
Static task
static1
Behavioral task
behavioral1
Sample
1cb72dd000981a7f72f42e187c7a9788ec3d8c972ef0b6052f65ec059cbbb1a1.js
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
1cb72dd000981a7f72f42e187c7a9788ec3d8c972ef0b6052f65ec059cbbb1a1.js
-
Size
835KB
-
MD5
a5e17a3b0f562f722011b2025ad1badf
-
SHA1
e3e8457df8c12a7d76c021851c923fbb3f090257
-
SHA256
1cb72dd000981a7f72f42e187c7a9788ec3d8c972ef0b6052f65ec059cbbb1a1
-
SHA512
23930d5bbdc3336fe5599b39c23de6a1319d2032713866eb8bbcb54c4d91aaf4de296b1fa441b7a6bc17dad2bacedf8fd6ed7a4e0efc81a5fb23726d8c4eee7f
-
SSDEEP
768:XQ9KqO+g0ESJoOYHmxzFQi0O7I02iVuUBbS4OPtI0KIr3l9MgkmJ3Eudgis8aidB:XQfRVQgpATGGzIQ1DQ8lU+
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-