General

  • Target

    Paypal_billing_agreement_cancellation_confirmation (gnw).js

  • Size

    483KB

  • Sample

    220828-pwybkaaeb9

  • MD5

    174cfa1f88a03d8b53da484f48181f35

  • SHA1

    137adbe586403afe368d6f28bd3f04c6eb37a386

  • SHA256

    58d027896a44afbae845f30c70b3489361cf029d36a0bc259fd85a5a3bdd3bdd

  • SHA512

    9304f97897670acc4a1c94d7d9fcf81f25104c7f5390a6825d8afa7e732456ec5eddd26bcb1e57e73a04afe93c8641eb497338042ab91ade061cacd1ed79bcb7

  • SSDEEP

    6144:9+QoXSTulaxl4khEfD3xA7Wiagmd4iLAmW76bSM:9B7hEfD3xviagmd4iLAmW763

Score
10/10

Malware Config

Targets

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks