Resubmissions

07-09-2022 02:42  220907-c685laahe3  10
07-09-2022 02:32  220907-c1fabsahd3  10

General

  • Target: Bws agreement 2020 (52386).zip.7z
  • Size: 98KB
  • Sample: 220907-c685laahe3
  • MD5: c5cbf5a6b346b72e759ba2fa11da4f85
  • SHA1: 6ff52ac7e69426f4ecfd088f27b1345a31215aaa
  • SHA256: 40de705a10469be373a15ef6ea0a0c8d3ac6aba2e0467ecf19d46fea97c2ce87
  • SHA512: 1e8760d2b0d5ae9a827d76d3e8cc212057d8f4a9b080f1a78e2daeb1df4274bb94683363f6e4c1474ef15ebe0f8c60568b13ed63a9896291206aaf0a5497354c
  • SSDEEP: 1536:wrp44AFby4TI3LUQf0pLRj9BqVk80R1JE8bkii9qvj66LozDTq:wrp448s7UC+LRjMk/bY8vjATq

Score: 10/10

Targets

    • Target: Bws agreement 2020 (52386).zip
    • Size: 98KB
    • MD5: d82e02e6c3084dd048be565d57e6c7c1
    • SHA1: dfc70baf5d54153f1b2e9cfcd766e60eac3710c6
    • SHA256: 359a1da978468835905db233992aae66c625a820410ff858bb8478fbefc7074b
    • SHA512: 2d41caeefc36b1b06cf90754259a09bcdb7de07f069982f28601bd1f1deca2cfbf9796e84a5b8db1b85decf4d600f7a6f689dc6b669fb973f856d7ebc7556b53
    • SSDEEP: 3072:3Bpd3sKob8yeg1TQ72ZCGd2RUj6mJlSF6k:xfI8I1g2ZCGd2RUj6Wk

    Score: 1/10

    • Target: Bws_agreement_2020 (cff).js
    • Size: 483KB
    • MD5: 1eb0afac12c4bae3a3fd238dd38feddc
    • SHA1: 135b3e89fd114fc590655df6a575800416afe379
    • SHA256: 5f6a9c6f3d8e243fce0af61ba82d82ce081020906b9b07490ea4988e1a0d7a8b
    • SHA512: c6958530bdc1d74516bcd1a78688cc9ff358178f0a625e783dcb9dfaeb7a5c216c0255c2a18227a75eb00a9d906fe5a4a7f6ee474732734bcf48b639d8b8275d
    • SSDEEP: 6144:GQBXSEulaxl4khEfD3NA7Wiagmd4iLAmWh6CSF:kwhEfD3Nviagmd4iLAmWh6f

    Score: 10/10

    • GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
    • Blocklisted process makes network request
