Resubmissions

07-09-2022 12:07

220907-papsascad9 10

07-09-2022 11:55

220907-n3rlxshcbj 10

General

  • Target

    7-Sept-7964396133.zip

  • Size

    301KB

  • Sample

    220907-n3rlxshcbj

  • MD5

    a65cbc370967a07ca3f6906941edb344

  • SHA1

    cf3e2dc03c3c50b9d4c881f10dc7f14b69372dba

  • SHA256

    9a968d2448af89f2dae0d887c794857fe68bf005b011aa62b41e29b305d281ae

  • SHA512

    a76199d677b54ded10ac291065f17ae1e4862ecc259d4bd6e2b5b8f3b9e07ffd6ff9245a60f3673e3d06d396b271e2b9b5b3dda38c74cb0b20ede822e2e81522

  • SSDEEP

    6144:Kz4Ph3hYJTpCJ7BAa/dDEkBg7LRGHXx04LsFsthKMQisd4vw:Kz4PxhYJtCJNv/dDp8GHXq4Law8MQz4I

Score
10/10

Malware Config

Targets

    • Target

      710f2efbe32f719f6d3be0830b598aed5e5ce7aecd37bf1fda3ebe11e5737eba

    • Size

      483KB

    • MD5

      5cc9ce54aacd8cda0b335a3d7be52fe1

    • SHA1

      d510630848807220df5bfa54f8fdd329e596c1bd

    • SHA256

      710f2efbe32f719f6d3be0830b598aed5e5ce7aecd37bf1fda3ebe11e5737eba

    • SHA512

      07c29aed0c951dc0047f5283871b866fd2ff11ca76de19e8eee609ad877319e8d5bb88f32aa02abb537a62cc2cc6dc386c81c5fa39900e8167ae05f13213b6d2

    • SSDEEP

      6144:vQaySTulaxl4khEfD3xA72iagmd4iLAmWR6CSy:1hhEfD3xTiagmd4iLAmWR6c

    Score
    1/10
    • Target

      ad85754eee8b72117792559d9a4cb1f5c5e9899a0d91664a60fd0e93d7fdfc4d

    • Size

      483KB

    • MD5

      0da3b95b53dbaa67cb7639b28bf1482e

    • SHA1

      def2d07b647efea07ddfbb73de33fcec376d9608

    • SHA256

      ad85754eee8b72117792559d9a4cb1f5c5e9899a0d91664a60fd0e93d7fdfc4d

    • SHA512

      487128446b1644481c357f7e36e1acf14d5ba3c283d1db10351c15f232d1099d8241b3820667e65d8ae8d2951ca9d5f7b98d02da1e6470e8f37e3129ca232d49

    • SSDEEP

      6144:EQjXSqulaxl4khEfD3/h7kiagmd4iLAmWR65SJ:E+hEfD3/iiagmd4iLAmWR6m

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

    • Blocklisted process makes network request

    • Target

      Greater_western_water_enterprise_agreement (fbd).js

    • Size

      483KB

    • MD5

      394fb803e598b020f023832d62f3600f

    • SHA1

      7d4615d586465d89b002347616c53e64296586c3

    • SHA256

      5594b66c97893143cc02c8aadbc0a5e7b944f51566bcd273b8c09b801dec0606

    • SHA512

      174b62dfa3f6fdcc2bbd23066ef1f150fa94ae657a80dba27a0ff08a8285cedf32f1e0aaebfe22b6df94e3d574ffc764925050eb0dba7bf1ea662df5ab1dc6ac

    • SSDEEP

      6144:pQE1aSUulaxl43hEfD3SA7Wiagmd4iLAmWR6BSa:pThEfD3Sviagmd4iLAmWR6r

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks