General
-
Target
Helicopter_sale_and_purchase_agreement (gd).js
-
Size
483KB
-
Sample
220908-rwqmtsege9
-
MD5
0d3c60df314c8bc1d2516ba5fa2bccc2
-
SHA1
1b80d4a93668acdef77baa838b551cb41c3da27c
-
SHA256
2db9e4c55ea6a36500ba52ba9ba264ac9bb12a0044981796c15aa09615d6ed9e
-
SHA512
ec2374c38351cfad858e24ee44db3bfea12728913d5243cfe446adfe75664084b5f34b6657da5167428af41836390f7e280d103470448b326fcaf73cbc8fdf63
-
SSDEEP
6144:XQjwSTulaxl4EhEfD37A7Diagmd4iLAmWR6FGF:YrhEfD37Uiagmd4iLAmWR6e
Static task
static1
Behavioral task
behavioral1
Sample
Helicopter_sale_and_purchase_agreement (gd).js
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Helicopter_sale_and_purchase_agreement (gd).js
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
Helicopter_sale_and_purchase_agreement (gd).js
-
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-