General

  • Target: 2-Sept-7853326275.zip
  • Size: 399KB
  • Sample: 220902-l2tnsaeda7
  • MD5: b41c34bb959add1386debc1b44bd16d0
  • SHA1: b62d16d438059dc9e368938358d0859e22ba24bb
  • SHA256: efa71e4c6b52be12d66ba4433a51db55f19ba3aa95ea419c996b3479944193e5
  • SHA512: 187eca00d7dfbb1ddb86bb0d4c4adfbc68b330aa60e2c0d4bc8a5d5381efea2b4a31c384c73e0e8642212e8c60fb389dfcf8208591839e758f5713933ad4616c
  • SSDEEP: 12288:Oxjt0AxvvdHndi5TNjDY+Hq7+TrCNvzx+qlJhJ:Kjt0CXToJHlH0Nvz5lJj

Score
10/10

Malware Config

Targets

    • Target: Tree_removal_agreement_between_neighbor's (fz).js
    • Size: 483KB
    • MD5: 70431b33daf24ceaa1d13884889e6687
    • SHA1: 80b5aa7b3a68836b2b7b3046c0295b4ddb5866ca
    • SHA256: 947a0938d118bfa0b8639598bd1b5aa197f5e163b7dc53988e2f420297f1ed2a
    • SHA512: 3ed05bef14418fd25b064665c4f4c2d35f976c8365e352c130a2661afab22e0050f8574b189a711e959f981e8c8f508c5249f06157efd5a5c2f99eb433bcb9cd
    • SSDEEP: 6144:uUQNXSZulaxl4khEfD3vb7biagmdpiLAmWR6GSF:bvhEfD3vriagmdpiLAmWR6j

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Target: 89e8adf38d2329d1654747db28d57b830b324136f66dfc2abe6bec2bea87c80c
    • Size: 483KB
    • MD5: 522c343ea8b6943a378949bee601d065
    • SHA1: acf1e0bcd86260e63f5e5dfa09032a181b92b8ac
    • SHA256: 89e8adf38d2329d1654747db28d57b830b324136f66dfc2abe6bec2bea87c80c
    • SHA512: 83b801e36bdb2129f8834bc914969265f3517b629f8ac13bb3c8621f3c020a7c111b7880cf30a507a8020bce4866241a8e5c7d4598620c77de87471d712b64fc
    • SSDEEP: 6144:/p0QfQSCulaxl4khEfD3AA7Ciagmd4iLAmWR6TiSA:hdWhEfD3Abiagmd4iLAmWR62

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Target: 947a0938d118bfa0b8639598bd1b5aa197f5e163b7dc53988e2f420297f1ed2a
    • Size: 483KB
    • MD5: 70431b33daf24ceaa1d13884889e6687
    • SHA1: 80b5aa7b3a68836b2b7b3046c0295b4ddb5866ca
    • SHA256: 947a0938d118bfa0b8639598bd1b5aa197f5e163b7dc53988e2f420297f1ed2a
    • SHA512: 3ed05bef14418fd25b064665c4f4c2d35f976c8365e352c130a2661afab22e0050f8574b189a711e959f981e8c8f508c5249f06157efd5a5c2f99eb433bcb9cd
    • SSDEEP: 6144:uUQNXSZulaxl4khEfD3vb7biagmdpiLAmWR6GSF:bvhEfD3vriagmdpiLAmWR6j

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Target: Is_a_hand_written_custody_agreement_legal (omp).js
    • Size: 483KB
    • MD5: 5ed401a80f318847b0da8627a4460e76
    • SHA1: bb8ed711de598261b700c7f705adaf17024eb3d2
    • SHA256: de7a72d1bbdb88ae0679a48dfc259c728f5a64cd92dc60eac494e94298663246
    • SHA512: 5d1c35bed3948722db593e70b09801e16c623a2b07bfa0a21f3b3baa66e0d97d3a7390e3456cce69e38111ca3bac12bf428a61799d85c2f9e735b2a193e1de55
    • SSDEEP: 6144:eJirbQNZXSnulaxl4FhEfD3C9A7Biagmd4iLAmWo6kSF:eJir4oWhEfD3C9wiagmd4iLAmWo6B

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks