General

  • Target

    DHL_Shipping_Invoices_Awb_BL_000000000101820242247820020031808174Global180030010182024.js

  • Size

    189KB

  • Sample

    241019-h4cw9swbml

  • MD5

    cb815ee4d4152ecff4d12d1e5666070b

  • SHA1

    b80d893b0b586948d8adeaa39b8d0ea79afbf96d

  • SHA256

    09305cbd79102f8a6d7623569c6e0a238fb5c800bd66ab26340c8a0eeab9cb39

  • SHA512

    0c29791c1ff8b92155a45357674a143f1eadf5d0846070deb78a13940d37f1fc4ad210486b32392ae5f0a1f3406a60318940073b8731fc9297326c8c45778ec4

  • SSDEEP

    1536:9BlNFsBL0v4ahId4o4hmhYP/uJh7fZFnvdRC:rnFsBLQ

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

    exe.dropper

  • URLs

    https://drive.google.com/uc?export=download&id=

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.
