Overview

overview

10

Static

static

a_contract...vs).js

windows7-x64

10

a_contract...vs).js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a contract of employment is deemed as a legal and binding document (25772).zip

  • Size

    77KB

  • Sample

    220928-26xt1aadem

  • MD5

    045a8eed15c8786f564c64f91f335f72

  • SHA1

    4c0e6f155b5dc098611ede33f1f3d0cb5fd70d83

  • SHA256

    8c99377f98e1805098241aecc5c63bd4c7f9540eb3305732e3dbbd94207083b9

  • SHA512

    ff557cb4fba3b110405f178ceb35944b59d781f81f90fceabf2032678413773a7b27e2f7f1900f2e47a13f35d1163dea44ed42f1b7012499dfa124fb3c462a8b

  • SSDEEP

    1536:p9syPEq5QyC3n+QkehmRf40MLzb5CbmD8V2q8pZMAQfhkPtYcgydO4Pxs4TDi0uD:pmyZQySn1sf40ML4Dr3f1cNdO4PxjM/

Score
10/10
gootloaderloader

Malware Config

Targets

    • Target

      a_contract_of_employment_is_deemed_as_a_legal_and_binding_document (lvs).js

    • Size

      255KB

    • MD5

      6e86b3ed71a0bf97465ccec58f43398f

    • SHA1

      85eda541a76c9b2b0d72b06d41544222797f818f

    • SHA256

      dca14bb1a1bc4649d8367ebb7ac3695562e52ae7d9bcf18dca2fa1c5ed7f4492

    • SHA512

      633a2f2d8c7b83b6e3e18f2d38b8f4ad6e7b10ddc8972bd926500eba22e0aab837949af8c7f139eee163cd3325b566e6da5e7d037d4046f61f36ccf837827b48

    • SSDEEP

      6144:yeLfh6Jmcr8uVaTdpsYmDwgFEFyY1vL/3VX82hLHIPf2+ADD1+RH:ynzYmD3mFyQs4MPfVADD8RH

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks