General
-
Target
13-September-7996136135.zip
-
Size
395KB
-
Sample
220913-p5aa4affc6
-
MD5
4661b1442a0542799e80006f0d71434e
-
SHA1
9962772231c6d216e46932729b95cd48301390e6
-
SHA256
60fb7d5d08e4b91eb6978af3bcf3cc0143834fe0e98c7c3a7af7f7d52084e961
-
SHA512
0df6786940c67df19b99438f0a125008bcddc372f37a20fd59bfbf50afd4f38fd2f6e7aa23518bf5a6ae269ff91eaf7b8a97de8dcf97c98e213fc6b079b18c35
-
SSDEEP
12288:hmGyplHJfSFQJoCn46Bj0J3sPBe0TnPqI6Ww:gTnFkfCn4EjkyDe7T
Static task
static1
Behavioral task
behavioral1
Sample
Agreement_of_guiding_principles_(property_insurance) (envph).js
Resource
win10-20220901-en
Behavioral task
behavioral2
Sample
How_to_fill_t1-ovp_form (owvv).js
Resource
win10-20220812-en
Behavioral task
behavioral3
Sample
Iowa_uniform_premarital_agreement_act (ashi).js
Resource
win10-20220812-en
Behavioral task
behavioral4
Sample
Alberta_painting_collective_agreement (bycs).js
Resource
win10-20220812-en
Malware Config
Targets
-
Target
Agreement_of_guiding_principles_(property_insurance) (envph).js
-
Size
483KB
-
MD5
5f244e629f304cfa708a430457d7f28b
-
SHA1
ddd30b83da125316a01d2d1a58c9ca958ce1e536
-
SHA256
e5b9b96238ad4b273421fb5fa05765538633979f825ef2a529e6feced1b9bd01
-
SHA512
2098c953e843938af617913bdcac367066794841668f436e05c2c27cb358b1e75fd9189a87b3a4a6b71b74730a55b3103c10667bdd7591a1fdd4d7296f118ce6
-
SSDEEP
6144:EQmXQpulaxl44hEfDnxA7Viagmd4iLAmWR6xSF:pvhEfDnxmiagmd4iLAmWR6u
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-
Target
How_to_fill_t1-ovp_form (owvv).js
-
Size
483KB
-
MD5
6962b25999460084e0556b0482067eff
-
SHA1
354bc001089e5a4e9c4352b95bbf26d25858d2e6
-
SHA256
02e477b52df4ea910526f3bad988aeaabcb2ac4d5e98b4cbc47a4c36b32acf4f
-
SHA512
3d2fd051ee5d68a4eec4486c71914dd05010c75f9fb810258a6f78e3dab59996baed690d85a76f220b432e5ad3e88a1fb6347e0fc3e414da19c859c91a737113
-
SSDEEP
6144:xQW+tTulaxl4khEfD3xA7cGiagmd7iLAmWH6WSF:ChhEfD3xVGiagmd7iLAmWH6T
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-
Target
Iowa_uniform_premarital_agreement_act (ashi).js
-
Size
483KB
-
MD5
2a7e6581759011ecddedac7800afef34
-
SHA1
3c7bccab2789a97a511bcc34acd9a20402f491e7
-
SHA256
8869891e2142771fc5457c26edc1192022704647e0ce6b4d06b6c238b8e1cd2e
-
SHA512
e2b3447f8a1b3b12651801f7cc0e866a385111af8e4644ebaf0d8523f6d29f6add598c27c3afec2f50fae304008767a8505a391605ed32cfcb84576cdd81fb2f
-
SSDEEP
6144:+6Q/XSQulaxl4khEfD3hz7qiagmd4iLAmW96hGF:+qMhEfD3hCiagmd4iLAmW96y
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-
Target
Alberta_painting_collective_agreement (bycs).js
-
Size
483KB
-
MD5
4ba91d567be33c97f2256dfeac4db2ad
-
SHA1
f60a79c0002daf7933b1cd0ec13eb533eeae83e3
-
SHA256
c2e6a362109e81acdb8d01c57a9bd898e6178254329c8b64be95e26543e225b5
-
SHA512
05d053c4a70e68d7a178cb69161d03d1e549be1871d5bc355590c8f41b6230eb4da1ec8b88cf9805cbefff85325cc4d0e2030a53b7a14adcee60e1e4c3f0bf1e
-
SSDEEP
6144:QQparEula2l4khEfD3xA7Xiagmd4iLAmWR6GSF:a3hEfD3x+iagmd4iLAmWR6j
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-