General
-
Target
30-August-7928626135.zip
-
Size
298KB
-
Sample
220830-x7jljsggb4
-
MD5
3efeef350e55715cbfadcc07403a257e
-
SHA1
dcbae14f0ce6a4e0a200c5c5526cf295d86f68b8
-
SHA256
91f8773e8bcf4bc8f59d682232ffac1958b2e8e8f4c0dff8b26cea9e387b1add
-
SHA512
8f9a58470e1ac2f8d8e87f87233cdf4467222fe5b9f29c860facfce8d82fda4fe6d1793ee1c154027e9c30bd8a751d732e0af971992a9d7f3fabb8f21839bb49
-
SSDEEP
6144:6uf8V5lfg/ONNJJfGoAlgbJD+n6sIlQSUbzT6Q6d1s8o:1fq3uOlJ1agd+n6+SINl8o
Static task
static1
Behavioral task
behavioral1
Sample
307327d97f9ea9febfc79484836e04b2a1c05c0f17e15f86ee8b1e12bbdba82b.js
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
City_of_gaithersburg_lease_agreement (igzs).js
Resource
win10-20220812-en
Behavioral task
behavioral3
Sample
City_of_gaithersburg_lease_agreement (rte).js
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
307327d97f9ea9febfc79484836e04b2a1c05c0f17e15f86ee8b1e12bbdba82b
-
Size
483KB
-
MD5
2c65821f5cfc47eed6711c567aa39b30
-
SHA1
e65a5fc04c87c9dce6e4f319fd35da64e97110e9
-
SHA256
307327d97f9ea9febfc79484836e04b2a1c05c0f17e15f86ee8b1e12bbdba82b
-
SHA512
2fbbdd3d0bcdbb89d99e5eaa8a07068ba8afd2c53d60700c9866dea7d954be96182ec79e34c7e0b40410927aa9ee2012b1b93626b4c7ffec263ffed91341f950
-
SSDEEP
6144:SQwK3Snulaxl4khEfD3xA7Wiagmd4iLAmWC6AfF:obFhEfD3xviagmd4iLAmWC6a
Score: 10/10
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-
-
-
Target
City_of_gaithersburg_lease_agreement (igzs).js
-
Size
483KB
-
MD5
99c6c1df3e507a330b4d314581156b69
-
SHA1
b7c8dae9a64821528e5517f15f3a585079b5bd34
-
SHA256
5011c73dd510ffe97f10b39e63c5695d3db831521ea2ebdce87878811c57d895
-
SHA512
596b08b884d3052e7f367d67485b04e3ca6d43a10aa90384de75272c812cfdfb31e08e718a49e437639ee6320aa00e26ef10d1493cf8d6c204c82caf5bef276e
-
SSDEEP
6144:4QmXSsulaxl4khEfDSS/73iagmd4iLAmWE6qsO:B4hEfDSSziagmd4iLAmWE6A
Score: 10/10
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-
-
-
Target
City_of_gaithersburg_lease_agreement (rte).js
-
Size
483KB
-
MD5
2c65821f5cfc47eed6711c567aa39b30
-
SHA1
e65a5fc04c87c9dce6e4f319fd35da64e97110e9
-
SHA256
307327d97f9ea9febfc79484836e04b2a1c05c0f17e15f86ee8b1e12bbdba82b
-
SHA512
2fbbdd3d0bcdbb89d99e5eaa8a07068ba8afd2c53d60700c9866dea7d954be96182ec79e34c7e0b40410927aa9ee2012b1b93626b4c7ffec263ffed91341f950
-
SSDEEP
6144:SQwK3Snulaxl4khEfD3xA7Wiagmd4iLAmWC6AfF:obFhEfD3xviagmd4iLAmWC6a
Score: 10/10
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-