General

  • Target

    Sample_letter_to_cancel_purchase_agreement (rncvt).js

  • Size

    483KB

  • Sample

    220827-q56vqsceg6

  • MD5

    5666e19e419b9372da34b1b2d5b73ce5

  • SHA1

    91dd3c56b5fb50695636ebc7d4d72808bf58b4d7

  • SHA256

    fdfafe7e957d0c0701d04f9acbc14a00107c2b3f22776e93daecb701d51f9ee6

  • SHA512

    0ee01e2c25f0a0e2f167c579cd77cd644189a7901af3d31db996f6aa16d1955cf7753e6f7f929100f91b5f7d4928e2f5fc30188cb2a4108baf35f1b929ca2f20

  • SSDEEP

    6144:sQsXSdulaWl4khEfDvkA7Tiagmd4iLAmWN6QS7:34hEfDvkQiagmd4iLAmWN6T

Score
10/10

Targets

    • Target

      Sample_letter_to_cancel_purchase_agreement (rncvt).js

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request
