General
-
Target
26-Aug-2-7918046160.zip
-
Size
278KB
-
Sample
220826-wwantsghh4
-
MD5
6929e35f3524ee2caf14ed1f169d1d81
-
SHA1
5fb015ec740e78e14ed1430c6667ddd483597fc8
-
SHA256
79583396d8d207fca29e60143be07d488ef2d32a16b55dbec045819ecaebd5b0
-
SHA512
719419e3787d19fade3cb8fe8083a9b5213f35fb15ea3613b3a0deff3805d668702dc48ee0bc7cb5ab380691db4cd069af40b140a7005bf83424636ba664ec61
-
SSDEEP
6144:Owt0lfQiCVza1oZOyCSLqyrzFvVAVB8NfHVI55caWD:OwtYfQiCVzamLV/Fqj81H6vED
Static task
static1
Behavioral task
behavioral1
Sample
Home_depot_equipment_rental_agreement (zst).js
Resource
win10v2004-20220812-en
Behavioral task
behavioral2
Sample
67eb5b143270f50973f89cc44204c74497ed59a68ece5edb4300e05329f2fdfc.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
e15babd09464b8d359d648238634ee070fbf04a2ddf213d47712b8fbd7d60796.js
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
Home_depot_equipment_rental_agreement (zst).js
-
Size
483KB
-
MD5
e21d595b5d57b33bfa53c744e004d415
-
SHA1
aa20caa63ee743a4dd559437621b1ba33169e669
-
SHA256
71c4b8f69cd8d834dbca5f0617f05f47fd10a966c2363c8a37d7665ed8935a60
-
SHA512
b773a31306fab407d6217b3a23528ca0c574ec580bafc7bb2e431e837337331ce2823ca051242c4ddc7f1360bbcb086236d7f76df060016fc8d196a84b07e6ac
-
SSDEEP
6144:aQzL/bulaKl4khEfD3xA7Fiagmd4iLAmWf67SF:XShEfD3xMiagmd4iLAmWf6Y
Score 10/10
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
Target
67eb5b143270f50973f89cc44204c74497ed59a68ece5edb4300e05329f2fdfc
-
Size
255KB
-
MD5
6ad3ceecdcc81b4cf6988ea7de781f55
-
SHA1
8d56528f87f3a0507890c0a05183d2e3d1116b58
-
SHA256
67eb5b143270f50973f89cc44204c74497ed59a68ece5edb4300e05329f2fdfc
-
SHA512
2f274e317f069b961c114ce942019e6a26ae3d73e7a2e9eeea198ed3b56733e33ff4711513a32d2f1578cd653eb1451d6d1905d8eb79c3f411a0a2165665a96e
-
SSDEEP
6144:yeLfh6nHcr8uVJTdptYmDDYFEFy41vL/bVX8KlLHIPf26ADD14RH:yIPYmDcmFyisiMPflADDSRH
Score 10/10
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
Target
e15babd09464b8d359d648238634ee070fbf04a2ddf213d47712b8fbd7d60796
-
Size
483KB
-
MD5
f7ccf79ff547bcedca72fb4678cc5cf2
-
SHA1
39d7c1ca84b059b6e5435ed884f6050cde513e4d
-
SHA256
e15babd09464b8d359d648238634ee070fbf04a2ddf213d47712b8fbd7d60796
-
SHA512
34345e6976d0f2990b773c67fdd56b958746251f40fa74de5d1432101a8e1eea28992c97f74d377109e1ccbbdc1ded12c96addda78583cf72aceeeab260635e1
-
SSDEEP
6144:0QZjxo7fulaxl4khEfDlxmdziagmd4iLAmW06MSF:P69hEfDlx4iagmd4iLAmW065
Score 10/10
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request