General
-
Target
Helicopter_sale_and_purchase_agreement (vi).js
-
Size
483KB
-
Sample
220922-qfhfvafcgk
-
MD5
11a4d886d19091e29c2e8f9f0c507397
-
SHA1
ed8843d9df3849aef379f48e5ea4a2224eba4e44
-
SHA256
eceb71fabde3bd92cc32390ffa078649043d15cd6432cceeb59394811f511578
-
SHA512
74e4e25e66fd55b197fa068a24961819216e96c851fbb3e996e8aecdcc635a900e0260fd6bb0047b225e03dfcee555e52a567075ea616dd2b35872ac1805950d
-
SSDEEP
6144:E8sQox+/ulaxl4khEfD3xA7Ciagmd4iLAmWR6dB5:x5dhEfD3xtiagmd4iLAmWR6h
Static task
static1
Behavioral task
behavioral1
Sample
Helicopter_sale_and_purchase_agreement (vi).js
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Helicopter_sale_and_purchase_agreement (vi).js
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
Helicopter_sale_and_purchase_agreement (vi).js
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-