Resubmissions

07-09-2022 02:42

220907-c685laahe3 10

07-09-2022 02:32

220907-c1fabsahd3 10

General

  • Target

    Bws agreement 2020 (52386).zip.7z

  • Size

    98KB

  • Sample

    220907-c1fabsahd3

  • MD5

    c5cbf5a6b346b72e759ba2fa11da4f85

  • SHA1

    6ff52ac7e69426f4ecfd088f27b1345a31215aaa

  • SHA256

    40de705a10469be373a15ef6ea0a0c8d3ac6aba2e0467ecf19d46fea97c2ce87

  • SHA512

    1e8760d2b0d5ae9a827d76d3e8cc212057d8f4a9b080f1a78e2daeb1df4274bb94683363f6e4c1474ef15ebe0f8c60568b13ed63a9896291206aaf0a5497354c

  • SSDEEP

    1536:wrp44AFby4TI3LUQf0pLRj9BqVk80R1JE8bkii9qvj66LozDTq:wrp448s7UC+LRjMk/bY8vjATq

Score
10/10

Malware Config

Targets

    • Target

      Bws_agreement_2020 (cff).js

    • Size

      483KB

    • MD5

      1eb0afac12c4bae3a3fd238dd38feddc

    • SHA1

      135b3e89fd114fc590655df6a575800416afe379

    • SHA256

      5f6a9c6f3d8e243fce0af61ba82d82ce081020906b9b07490ea4988e1a0d7a8b

    • SHA512

      c6958530bdc1d74516bcd1a78688cc9ff358178f0a625e783dcb9dfaeb7a5c216c0255c2a18227a75eb00a9d906fe5a4a7f6ee474732734bcf48b639d8b8275d

    • SSDEEP

      6144:GQBXSEulaxl4khEfD3NA7Wiagmd4iLAmWh6CSF:kwhEfD3Nviagmd4iLAmWh6f

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks