Resubmissions

12-09-2022 19:13

220912-xw6lyahfhr 10

General

  • Target

    12-september-2-7976836135.zip

  • Size

    397KB

  • Sample

    220912-xw6lyahfhr

  • MD5

    a68024fe9bb5742997597e898d5a7031

  • SHA1

    68ecf4cc9b2e7ef91c5b6adc803ad4e9ddc38338

  • SHA256

    8cdf70e57177f9623574059ef1f524a07a91f45bb876549e6e7823ec59f6acaa

  • SHA512

    66ab07968c4f64f0ea2766ebbf01bb5bccc4889fbe9e46f06a78d54b4671e619410af39b8b56900b4f9b4997accc9d5413d99919e02a4d4d63618494313d7092

  • SSDEEP

    12288:W0J3sPBe0TnPqI6WkjVIwCNYkl9QUrav2S2Qk:WkyDe7XjVIwCNJ/7av2S29

Score
10/10

Malware Config

Targets

    • Target

      Agreement_of_guiding_principles_(property_insurance) (envph).js

    • Size

      483KB

    • MD5

      5f244e629f304cfa708a430457d7f28b

    • SHA1

      ddd30b83da125316a01d2d1a58c9ca958ce1e536

    • SHA256

      e5b9b96238ad4b273421fb5fa05765538633979f825ef2a529e6feced1b9bd01

    • SHA512

      2098c953e843938af617913bdcac367066794841668f436e05c2c27cb358b1e75fd9189a87b3a4a6b71b74730a55b3103c10667bdd7591a1fdd4d7296f118ce6

    • SSDEEP

      6144:EQmXQpulaxl44hEfDnxA7Viagmd4iLAmWR6xSF:pvhEfDnxmiagmd4iLAmWR6u

    Score
    10/10

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Target

      Iowa_uniform_premarital_agreement_act (ashi).js

    • Size

      483KB

    • MD5

      2a7e6581759011ecddedac7800afef34

    • SHA1

      3c7bccab2789a97a511bcc34acd9a20402f491e7

    • SHA256

      8869891e2142771fc5457c26edc1192022704647e0ce6b4d06b6c238b8e1cd2e

    • SHA512

      e2b3447f8a1b3b12651801f7cc0e866a385111af8e4644ebaf0d8523f6d29f6add598c27c3afec2f50fae304008767a8505a391605ed32cfcb84576cdd81fb2f

    • SSDEEP

      6144:+6Q/XSQulaxl4khEfD3hz7qiagmd4iLAmW96hGF:+qMhEfD3hCiagmd4iLAmW96y

    Score
    10/10

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Target

      940b0242c2488d3200d5eb6527de67bc73af8280734b544f60877a9ebd88f936

    • Size

      483KB

    • MD5

      48b9f45c6ade34209685bbf076a92c7f

    • SHA1

      bd726c9fbe26398c5751d5d37bba846d7961b4cd

    • SHA256

      940b0242c2488d3200d5eb6527de67bc73af8280734b544f60877a9ebd88f936

    • SHA512

      437939519bb32c1c14f1d3250c40de4043e48e55b4cefa99512e30e4da21843d83853378f22ba3205d61ce9016e51eadc4904d72da71a8ff47712f604e2b70a7

    • SSDEEP

      6144:/XSQn90Yulabl4khEfD1Eu7Wiagmd4iLAmWb65SF:ichEfD1EFiagmd4iLAmWb6m

    Score
    1/10

    • Target

      Ttc_local_113_collective_agreement (gjz).js

    • Size

      483KB

    • MD5

      9a98fbf79248e5ec47d68c6079911373

    • SHA1

      f4dcef02663f87c5be68ed14c9da3894bf5ee4ad

    • SHA256

      cf289365a712b071fb54a4fe548f55c4f569cf21471267bd4abda272a07f0177

    • SHA512

      688c41d5196567a205131a102f7bdbb77a6cf0a1ecc67890cf3a5ccc26656a3a04f772145ba8d32773ef86a9802211bb178814be4cc8ff1cc63420df0e088c35

    • SSDEEP

      6144:2QlqGTTulaxl4HhEfD3CA79iagmd4iLAmWm6xbF:1uhEfD3Ceiagmd4iLAmWm6j

    Score
    10/10

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks