Resubmissions

  • 26-08-2022 18:15  220826-wwantsghh4  (score 10)
  • 26-08-2022 18:08  220826-wrbekafhdk  (score 10)

General

  • Target: 26-Aug-2-7918046160.zip
  • Size: 278KB
  • Sample: 220826-wwantsghh4
  • MD5: 6929e35f3524ee2caf14ed1f169d1d81
  • SHA1: 5fb015ec740e78e14ed1430c6667ddd483597fc8
  • SHA256: 79583396d8d207fca29e60143be07d488ef2d32a16b55dbec045819ecaebd5b0
  • SHA512: 719419e3787d19fade3cb8fe8083a9b5213f35fb15ea3613b3a0deff3805d668702dc48ee0bc7cb5ab380691db4cd069af40b140a7005bf83424636ba664ec61
  • SSDEEP: 6144:Owt0lfQiCVza1oZOyCSLqyrzFvVAVB8NfHVI55caWD:OwtYfQiCVzamLV/Fqj81H6vED

Score: 10/10

Malware Config

Targets

    • Target: Home_depot_equipment_rental_agreement (zst).js
    • Size: 483KB
    • MD5: e21d595b5d57b33bfa53c744e004d415
    • SHA1: aa20caa63ee743a4dd559437621b1ba33169e669
    • SHA256: 71c4b8f69cd8d834dbca5f0617f05f47fd10a966c2363c8a37d7665ed8935a60
    • SHA512: b773a31306fab407d6217b3a23528ca0c574ec580bafc7bb2e431e837337331ce2823ca051242c4ddc7f1360bbcb086236d7f76df060016fc8d196a84b07e6ac
    • SSDEEP: 6144:aQzL/bulaKl4khEfD3xA7Fiagmd4iLAmWf67SF:XShEfD3xMiagmd4iLAmWf6Y

    Score: 10/10
    • GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
    • Blocklisted process makes network request

    • Target: 67eb5b143270f50973f89cc44204c74497ed59a68ece5edb4300e05329f2fdfc
    • Size: 255KB
    • MD5: 6ad3ceecdcc81b4cf6988ea7de781f55
    • SHA1: 8d56528f87f3a0507890c0a05183d2e3d1116b58
    • SHA256: 67eb5b143270f50973f89cc44204c74497ed59a68ece5edb4300e05329f2fdfc
    • SHA512: 2f274e317f069b961c114ce942019e6a26ae3d73e7a2e9eeea198ed3b56733e33ff4711513a32d2f1578cd653eb1451d6d1905d8eb79c3f411a0a2165665a96e
    • SSDEEP: 6144:yeLfh6nHcr8uVJTdptYmDDYFEFy41vL/bVX8KlLHIPf26ADD14RH:yIPYmDcmFyisiMPflADDSRH

    Score: 10/10
    • GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
    • Blocklisted process makes network request

    • Target: e15babd09464b8d359d648238634ee070fbf04a2ddf213d47712b8fbd7d60796
    • Size: 483KB
    • MD5: f7ccf79ff547bcedca72fb4678cc5cf2
    • SHA1: 39d7c1ca84b059b6e5435ed884f6050cde513e4d
    • SHA256: e15babd09464b8d359d648238634ee070fbf04a2ddf213d47712b8fbd7d60796
    • SHA512: 34345e6976d0f2990b773c67fdd56b958746251f40fa74de5d1432101a8e1eea28992c97f74d377109e1ccbbdc1ded12c96addda78583cf72aceeeab260635e1
    • SSDEEP: 6144:0QZjxo7fulaxl4khEfDlxmdziagmd4iLAmW06MSF:P69hEfDlx4iagmd4iLAmW065

    Score: 10/10
    • GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks