General
-
Target
Atualizacao_plugin_adobe_2025_1749017198.js
-
Size
4KB
-
Sample
250604-h9ye6aam61
-
MD5
5ab27ea90371d433e93ad274f1b596f8
-
SHA1
4cf349fb20e76ad32df359b9f686074670b771c9
-
SHA256
29468996dd9c87967af928e90d2ef29cf1c41222f00eda022d790e1de87408d1
-
SHA512
3739dd76fd440392804ad02f0c32a337e35d56b4fe702c745104ae1e3725a4b90d2be10aae6d4b807c7e0d7ce9db218a3f40d66effa88d3da6d04e79d97bc6f0
-
SSDEEP
96:zVcPPLexaaShb/edp0MMeMEL/ShbP0lOedMamShbPShbMShb5ShbMKShbOE4L+s4:zVe6EK1GDUwBsPRM8MztU4lvP
Static task
static1
Malware Config
Targets
-
-
Target
Atualizacao_plugin_adobe_2025_1749017198.js
-
Asyncrat family
-
StormKitty payload
-
Stormkitty family
-
Venomrat family
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-