General

  • Target

    City_of_winnipeg_collective_agreements (tztp).js

  • Size

    483KB

  • Sample

    220831-l571kscfdm

  • MD5

    2deeb8bdd67e3306d3755c59feeff722

  • SHA1

    baa7da8b7503cfc1306b2f0a7c3b7c864e63b468

  • SHA256

    3099f88e871506070db32530b6eedc6ee44a30c181c9bab0a354fd300f36a290

  • SHA512

    73b340e5ab0b24db48e3701c40bee5878258f9270e8994e316a4c7f201352b47eb8f4ce7e40eca3cccf50e562910052e81f80dc561e5638efbfdebed73c0fabc

  • SSDEEP

    6144:FQoISTulaxl4khEfDGPA0Wiagmd4iLAmWR6AKj:PhhEfDGPmiagmd4iLAmWR6L

Score
10/10

Targets

    • Target

      City_of_winnipeg_collective_agreements (tztp).js

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request
