General

Target: 2-Sept-7853326275.zip
Size: 399KB
Sample: 220902-l2tnsaeda7
MD5: b41c34bb959add1386debc1b44bd16d0
SHA1: b62d16d438059dc9e368938358d0859e22ba24bb
SHA256: efa71e4c6b52be12d66ba4433a51db55f19ba3aa95ea419c996b3479944193e5
SHA512: 187eca00d7dfbb1ddb86bb0d4c4adfbc68b330aa60e2c0d4bc8a5d5381efea2b4a31c384c73e0e8642212e8c60fb389dfcf8208591839e758f5713933ad4616c
SSDEEP: 12288:Oxjt0AxvvdHndi5TNjDY+Hq7+TrCNvzx+qlJhJ:Kjt0CXToJHlH0Nvz5lJj
Static task: static1

Behavioral task: behavioral1
Sample: Tree_removal_agreement_between_neighbor's (fz).js
Resource: win10-20220812-en

Behavioral task: behavioral2
Sample: 89e8adf38d2329d1654747db28d57b830b324136f66dfc2abe6bec2bea87c80c.js
Resource: win10-20220812-en

Behavioral task: behavioral3
Sample: 947a0938d118bfa0b8639598bd1b5aa197f5e163b7dc53988e2f420297f1ed2a.js
Resource: win10-20220812-en

Behavioral task: behavioral4
Sample: Is_a_hand_written_custody_agreement_legal (omp).js
Resource: win10-20220901-en
Malware Config

Targets
Target: Tree_removal_agreement_between_neighbor's (fz).js
Size: 483KB
MD5: 70431b33daf24ceaa1d13884889e6687
SHA1: 80b5aa7b3a68836b2b7b3046c0295b4ddb5866ca
SHA256: 947a0938d118bfa0b8639598bd1b5aa197f5e163b7dc53988e2f420297f1ed2a
SHA512: 3ed05bef14418fd25b064665c4f4c2d35f976c8365e352c130a2661afab22e0050f8574b189a711e959f981e8c8f508c5249f06157efd5a5c2f99eb433bcb9cd
SSDEEP: 6144:uUQNXSZulaxl4khEfD3vb7biagmdpiLAmWR6GSF:bvhEfD3vriagmdpiLAmWR6j
Score: 10/10
- GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
- Blocklisted process makes network request
Target: 89e8adf38d2329d1654747db28d57b830b324136f66dfc2abe6bec2bea87c80c
Size: 483KB
MD5: 522c343ea8b6943a378949bee601d065
SHA1: acf1e0bcd86260e63f5e5dfa09032a181b92b8ac
SHA256: 89e8adf38d2329d1654747db28d57b830b324136f66dfc2abe6bec2bea87c80c
SHA512: 83b801e36bdb2129f8834bc914969265f3517b629f8ac13bb3c8621f3c020a7c111b7880cf30a507a8020bce4866241a8e5c7d4598620c77de87471d712b64fc
SSDEEP: 6144:/p0QfQSCulaxl4khEfD3AA7Ciagmd4iLAmWR6TiSA:hdWhEfD3Abiagmd4iLAmWR62
Score: 10/10
- GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
- Blocklisted process makes network request
Target: 947a0938d118bfa0b8639598bd1b5aa197f5e163b7dc53988e2f420297f1ed2a
Size: 483KB
MD5: 70431b33daf24ceaa1d13884889e6687
SHA1: 80b5aa7b3a68836b2b7b3046c0295b4ddb5866ca
SHA256: 947a0938d118bfa0b8639598bd1b5aa197f5e163b7dc53988e2f420297f1ed2a
SHA512: 3ed05bef14418fd25b064665c4f4c2d35f976c8365e352c130a2661afab22e0050f8574b189a711e959f981e8c8f508c5249f06157efd5a5c2f99eb433bcb9cd
SSDEEP: 6144:uUQNXSZulaxl4khEfD3vb7biagmdpiLAmWR6GSF:bvhEfD3vriagmdpiLAmWR6j
Score: 10/10
- GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
- Blocklisted process makes network request
Target: Is_a_hand_written_custody_agreement_legal (omp).js
Size: 483KB
MD5: 5ed401a80f318847b0da8627a4460e76
SHA1: bb8ed711de598261b700c7f705adaf17024eb3d2
SHA256: de7a72d1bbdb88ae0679a48dfc259c728f5a64cd92dc60eac494e94298663246
SHA512: 5d1c35bed3948722db593e70b09801e16c623a2b07bfa0a21f3b3baa66e0d97d3a7390e3456cce69e38111ca3bac12bf428a61799d85c2f9e735b2a193e1de55
SSDEEP: 6144:eJirbQNZXSnulaxl4FhEfD3C9A7Biagmd4iLAmWo6kSF:eJir4oWhEfD3C9wiagmd4iLAmWo6B
Score: 10/10
- GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
- Blocklisted process makes network request
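The target table above lists four .js members of the archive but only three distinct SHA256 values: the first and third entries carry identical MD5, SHA1, SHA256 and SHA512 digests under two different names. The script below is an added example, not part of the original report or of the sandbox that produced it. It hashes every member of a zip in memory (without extracting to disk), groups members by SHA256 so renamed copies of one payload surface together, and flags any member whose SHA256 is in the report's indicator set. The archive it builds in `build_sample_archive` is a constructed stand-in with placeholder content, not the analysed sample, so none of its members match the real indicators unless the test injects their own hash; `MAX_MEMBER_SIZE` is an assumed cap, not a value from the report.

```python
"""Hash-based triage of a zip archive against the SHA256 indicators listed above."""
import hashlib
import io
import zipfile
from collections import defaultdict

# SHA256 values copied from the report's target table (three distinct .js payloads).
REPORTED_SHA256 = {
    "947a0938d118bfa0b8639598bd1b5aa197f5e163b7dc53988e2f420297f1ed2a",
    "89e8adf38d2329d1654747db28d57b830b324136f66dfc2abe6bec2bea87c80c",
    "de7a72d1bbdb88ae0679a48dfc259c728f5a64cd92dc60eac494e94298663246",
}

# Assumed cap on the uncompressed size of a member we are willing to read;
# a zip that claims a huge member is skipped rather than decompressed.
MAX_MEMBER_SIZE = 50 * 1024 * 1024

SCRIPT_EXTENSIONS = (".js", ".jse", ".wsf")


def digests(data: bytes) -> dict:
    """Compute the same digest set the report lists (MD5, SHA1, SHA256, SHA512)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def triage_archive(archive_bytes: bytes, known_sha256=REPORTED_SHA256) -> dict:
    """Hash every member of a zip in memory and match against known indicators.

    Returns the archive's own digests, one record per member, a map
    sha256 -> [member names] (so two names with identical content, as in the
    report above, land in one group), and the list of members whose SHA256
    is in known_sha256.
    """
    members = []
    by_sha256 = defaultdict(list)
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.file_size > MAX_MEMBER_SIZE:
                # Record the member but do not decompress it.
                members.append({"name": info.filename, "skipped": "too large"})
                continue
            data = zf.read(info)
            d = digests(data)
            members.append({
                "name": info.filename,
                "size": len(data),
                "is_script": info.filename.lower().endswith(SCRIPT_EXTENSIONS),
                "known_bad": d["sha256"] in known_sha256,
                **d,
            })
            by_sha256[d["sha256"]].append(info.filename)
    return {
        "archive": digests(archive_bytes),
        "members": members,
        "by_sha256": dict(by_sha256),
        "known_bad": [m["name"] for m in members if m.get("known_bad")],
    }


def build_sample_archive() -> bytes:
    """Constructed stand-in archive (not the analysed sample): two names that
    share one body, plus one member with different content."""
    buf = io.BytesIO()
    body_a = b"// placeholder script A\n" * 100
    body_b = b"// placeholder script B\n" * 100
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("first_agreement (aa).js", body_a)
        zf.writestr("second_agreement (bb).js", body_a)
        zf.writestr("third_agreement (cc).js", body_b)
    return buf.getvalue()


if __name__ == "__main__":
    report = triage_archive(build_sample_archive())
    print("archive sha256:", report["archive"]["sha256"])
    for sha, names in report["by_sha256"].items():
        print(sha, "->", names)
    print("known bad members:", report["known_bad"])
```

To run it against the real archive, replace `build_sample_archive()` with the bytes of 2-Sept-7853326275.zip; the archive-level SHA256 should then equal the value in the General section and `known_bad` should name all four .js members, with the two identically-hashed entries sharing one group in `by_sha256`.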