General
-
Target
Paypal_billing_agreement_cancellation_confirmation (gnw).js
-
Size
483KB
-
Sample
220828-pwybkaaeb9
-
MD5
174cfa1f88a03d8b53da484f48181f35
-
SHA1
137adbe586403afe368d6f28bd3f04c6eb37a386
-
SHA256
58d027896a44afbae845f30c70b3489361cf029d36a0bc259fd85a5a3bdd3bdd
-
SHA512
9304f97897670acc4a1c94d7d9fcf81f25104c7f5390a6825d8afa7e732456ec5eddd26bcb1e57e73a04afe93c8641eb497338042ab91ade061cacd1ed79bcb7
-
SSDEEP
6144:9+QoXSTulaxl4khEfD3xA7Wiagmd4iLAmW76bSM:9B7hEfD3xviagmd4iLAmW763
Static task
static1
Behavioral task
behavioral1
Sample
Paypal_billing_agreement_cancellation_confirmation (gnw).js
Resource
win10-20220812-en
Malware Config
Targets
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-