General

  • Target: 30-August-7928626135.zip
  • Size: 298KB
  • Sample: 220830-x7jljsggb4
  • MD5: 3efeef350e55715cbfadcc07403a257e
  • SHA1: dcbae14f0ce6a4e0a200c5c5526cf295d86f68b8
  • SHA256: 91f8773e8bcf4bc8f59d682232ffac1958b2e8e8f4c0dff8b26cea9e387b1add
  • SHA512: 8f9a58470e1ac2f8d8e87f87233cdf4467222fe5b9f29c860facfce8d82fda4fe6d1793ee1c154027e9c30bd8a751d732e0af971992a9d7f3fabb8f21839bb49
  • SSDEEP: 6144:6uf8V5lfg/ONNJJfGoAlgbJD+n6sIlQSUbzT6Q6d1s8o:1fq3uOlJ1agd+n6+SINl8o

Score: 10/10

Malware Config

Targets

    • Target: 307327d97f9ea9febfc79484836e04b2a1c05c0f17e15f86ee8b1e12bbdba82b
    • Size: 483KB
    • MD5: 2c65821f5cfc47eed6711c567aa39b30
    • SHA1: e65a5fc04c87c9dce6e4f319fd35da64e97110e9
    • SHA256: 307327d97f9ea9febfc79484836e04b2a1c05c0f17e15f86ee8b1e12bbdba82b
    • SHA512: 2fbbdd3d0bcdbb89d99e5eaa8a07068ba8afd2c53d60700c9866dea7d954be96182ec79e34c7e0b40410927aa9ee2012b1b93626b4c7ffec263ffed91341f950
    • SSDEEP: 6144:SQwK3Snulaxl4khEfD3xA7Wiagmd4iLAmWC6AfF:obFhEfD3xviagmd4iLAmWC6a

    Score: 10/10
    • GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
    • Blocklisted process makes network request

    • Target: City_of_gaithersburg_lease_agreement (igzs).js
    • Size: 483KB
    • MD5: 99c6c1df3e507a330b4d314581156b69
    • SHA1: b7c8dae9a64821528e5517f15f3a585079b5bd34
    • SHA256: 5011c73dd510ffe97f10b39e63c5695d3db831521ea2ebdce87878811c57d895
    • SHA512: 596b08b884d3052e7f367d67485b04e3ca6d43a10aa90384de75272c812cfdfb31e08e718a49e437639ee6320aa00e26ef10d1493cf8d6c204c82caf5bef276e
    • SSDEEP: 6144:4QmXSsulaxl4khEfDSS/73iagmd4iLAmWE6qsO:B4hEfDSSziagmd4iLAmWE6A

    Score: 10/10
    • GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
    • Blocklisted process makes network request

    • Target: City_of_gaithersburg_lease_agreement (rte).js
    • Size: 483KB
    • MD5: 2c65821f5cfc47eed6711c567aa39b30
    • SHA1: e65a5fc04c87c9dce6e4f319fd35da64e97110e9
    • SHA256: 307327d97f9ea9febfc79484836e04b2a1c05c0f17e15f86ee8b1e12bbdba82b
    • SHA512: 2fbbdd3d0bcdbb89d99e5eaa8a07068ba8afd2c53d60700c9866dea7d954be96182ec79e34c7e0b40410927aa9ee2012b1b93626b4c7ffec263ffed91341f950
    • SSDEEP: 6144:SQwK3Snulaxl4khEfD3xA7Wiagmd4iLAmWC6AfF:obFhEfD3xviagmd4iLAmWC6a

    Score: 10/10
    • GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
    • Blocklisted process makes network request
