General

  • Target

    Airlines_under_agreement_with_bangkok_airways (eibcm).js

  • Size

    483KB

  • Sample

    220908-p1e1sabgdn

  • MD5

    d5cc3b51213e96e79430b473e4a6c1b7

  • SHA1

    82fbcdf0f91e6af506fbb1c0d83ae11133f6b0f7

  • SHA256

    e116b7b31ccddd17b1ed883d7cbeb290dd2da5e822fbed6bf555bf31c0d2a4cb

  • SHA512

    cc0e7df455950a663881503189b57b7244fe4c540bd9565c30edaa48959ef4ee4ad294536057efa2d7acb1eaa279a3c83c5eab9180fbe385eb02d1ad0d14eb53

  • SSDEEP

    6144:HQXifSXulaxl49hEfD3XA7riagmdNiLAmWR62HF:quhEfD3XWiagmdNiLAmWR6e

Score
10/10

Targets

    • Target

      Airlines_under_agreement_with_bangkok_airways (eibcm).js

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request
