General

  • Target

    23-September-8075966120.zip

  • Size

    189KB

  • Sample

    220923-wwbwwshfa7

  • MD5

    673ddc8bc4632ad0d72078673914cdec

  • SHA1

    ada1db653921c77f928d423cc0e29fda11bf0d41

  • SHA256

    bffa3647c286b949d1e65d526fedf0c95fef899e201cda84de213ba2a8f9b46e

  • SHA512

    4fa1b856df6ff994dd0933285e0b3c403efdf31daea3155df95c2502424cfe51af991d1e96da121054d6cfc322717a879344ec04391432cc04e2632f679af9d8

  • SSDEEP

    3072:Pqa6vEtzetVaK+nqFtPU0OuVnWWFDP/ZslNq+6+vF1NkrbLLZZwX495I8rKFWjiy:iTEErx+nqF2uVHDXClNL6SFQrfn3IXMP

Score
10/10

Targets

    • Target

      5fc30d2cb4ce3b291396c89bdb153c12eb3263c2e84744bb9323b2d9f4c8c460

    • Size

      483KB

    • MD5

      1d25c8f443cf76ece6d21ffde6650322

    • SHA1

      8c3b813a605762152996290415c0db7d6ac87ce0

    • SHA256

      5fc30d2cb4ce3b291396c89bdb153c12eb3263c2e84744bb9323b2d9f4c8c460

    • SHA512

      3048df7f90c48f4d5856ba84198e03adbb9dc1b6aee1bdda78712b9f4e799dc8ac48f80c229a165195893cff8abd186c17e5ea346bf90db4b28b5e94b0435bde

    • SSDEEP

      6144:vhQxXMjulaxl4iehEfDObA7Oiagmd4iLAmWF6xSF:vrehEfDObjiagmd4iLAmWF6u

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Target

      ab415370f0033fbddc4ff5fe7de318e6df15b902714b69fbc235db6da41a2348

    • Size

      296KB

    • MD5

      261fd5425a60b044c5f9a584473b2a10

    • SHA1

      66bef53d081fd7e4336bd55adea6cd1eda1bb740

    • SHA256

      ab415370f0033fbddc4ff5fe7de318e6df15b902714b69fbc235db6da41a2348

    • SHA512

      883045f862cb1a54309f2f04db5fb58c789b61235925d85549463cadcee516cbf319ed30865feef180fd950bb18a56f8d1c779db0164d45eb798aaa173bd388c

    • SSDEEP

      6144:iaaKxfbLY8Cv4okFFmwLFbP60y3JEBI/Hw0KUWrE4/Xp89NwzY1Z5nOeK2+pHeJy:wOLFbPD2kIY0KUWrE4/589bE7vHeyb7l

    Score
    10/10
    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request
