General
-
Target
node-v22.11.0-x64.msi
-
Size
28.9MB
-
Sample
241218-21nddawjh1
-
MD5
fa9e1f3064a66913362e9bff7097cef5
-
SHA1
b34f1f9a9f6242c54486a4bc453a9336840b4425
-
SHA256
9eea480bd30c98ae11a97cb89a9278235cbbbd03c171ee5e5198bd86b7965b4b
-
SHA512
ad3e9469326dccac6b49185b5b2814ba700b5d83b4b3ce17f85a9adc5f90bdebf54d79800b253ed5c371ab82d27304841f86ab1a8a3c7ffade8a2d78e55dc99f
-
SSDEEP
786432:EtShU+9S49htlhk3tKuiU9IsO9IP1/lBMS8k4:EAUK/U9IN961/l
Static task
static1
Behavioral task
behavioral1
Sample
node-v22.11.0-x64.msi
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
node-v22.11.0-x64.msi
-
Size
28.9MB
-
MD5
fa9e1f3064a66913362e9bff7097cef5
-
SHA1
b34f1f9a9f6242c54486a4bc453a9336840b4425
-
SHA256
9eea480bd30c98ae11a97cb89a9278235cbbbd03c171ee5e5198bd86b7965b4b
-
SHA512
ad3e9469326dccac6b49185b5b2814ba700b5d83b4b3ce17f85a9adc5f90bdebf54d79800b253ed5c371ab82d27304841f86ab1a8a3c7ffade8a2d78e55dc99f
-
SSDEEP
786432:EtShU+9S49htlhk3tKuiU9IsO9IP1/lBMS8k4:EAUK/U9IN961/l
-
A potential corporate email address has been identified in the URL: currency-file@1
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-