Overview

overview

10

Static

static

0c7b24793e...16c.js

windows10-1703-x64

10

1e9892e969...191.js

windows10-1703-x64

10

2a4516fba8...e80.js

windows10-1703-x64

10

3482b8e3b2...dff.js

windows10-1703-x64

10

448be4416d...9b4.js

windows10-1703-x64

10

48b4247e1a...7c9.js

windows10-1703-x64

10

5fc30d2cb4...460.js

windows10-1703-x64

8

780451d05c...b6f.js

windows10-1703-x64

10

7816c4bdfc...c57.js

windows10-1703-x64

10

bc00599c45...ffd.js

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    29-September-8017586222.zip

  • Size

    920KB

  • Sample

    220929-mjjljaaea4

  • MD5

    b1facbfdc6aed308da7c96539a5463b7

  • SHA1

    6a4c4bdce2eb5972a91f73fc7b77dfc4833bcad0

  • SHA256

    666e249275d61963bf4220af39016a2d11ac30c6a27d0503179625636665bae6

  • SHA512

    84c3aba694f38f11109060ea78f515a08806cc1a7208ac5e7d88121d8f7e00ac74ed4a3d97f20905d8dc77edb2076b4cdb37af585a63fdde29189ff07ed32b70

  • SSDEEP

    24576:nkc20q8uo9VYPjMTioSOOTvKGp7MeDEgPOM8A+yLV:nvdq8uo9+bg5S1TvKGp7MejPN8A+cV

Score
10/10
gootloaderloader

Malware Config

Targets

    • Target

      0c7b24793eb977294b87af72948a38f7872744a6aeb142054d56a91646e4f16c

    • Size

      483KB

    • MD5

      c57912758c805533a87df7d4b3b8ec03

    • SHA1

      393b6c1a91f976609be459705558f64858f8b9f4

    • SHA256

      0c7b24793eb977294b87af72948a38f7872744a6aeb142054d56a91646e4f16c

    • SHA512

      643e9c80663c291c4f53d310abfd276bef4ebbf960cc903ea061f757d88eab090b1381bad1363ed1da2f04ecd67fcf57f8736b972db3c51b755f7ef40b23ad7e

    • SSDEEP

      6144:8QvDDzulaxl4khEfD6xN7WiagmdjiLAmWR65XF:lBhEfD6xoiagmdjiLAmWR6X

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral1

    • Target

      1e9892e96998cf1854d5778c8ef8d738c3b30ef9ed8f182df3b6e2a0329fa191

    • Size

      483KB

    • MD5

      41c68ec218b7fc34ce8a6e33baf1e3bd

    • SHA1

      7e07f189211147ca259363cba364daca83734f6d

    • SHA256

      1e9892e96998cf1854d5778c8ef8d738c3b30ef9ed8f182df3b6e2a0329fa191

    • SHA512

      f6683c5e7cbcb2c15392510eada1eebf190ad1ef8c889ee7d0b5d1da834d3c21cd1e0abc1239bffbc402cfdb51280c242cfe892e085b7d42e930d8d11bfa0787

    • SSDEEP

      6144:nQEtSTulaxl4qhEfD/WA7Wiagmd4iLAmWA6vSF:MBhEfD/Wviagmd4iLAmWA6s

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral2

    • Target

      2a4516fba848b3ef6190f6c3235e21972c68228c943ea2e2b843d9237b690e80

    • Size

      483KB

    • MD5

      c658a7807ff7313e45124335c8640fc6

    • SHA1

      924d49dccd8deeeb9e97e4e1e6736b0d481d6c58

    • SHA256

      2a4516fba848b3ef6190f6c3235e21972c68228c943ea2e2b843d9237b690e80

    • SHA512

      276828706a2c4cf64d684b596d68e27e7c4c3be2455347e3d61553d58ff57fcaa590dc8cc2b95c63376cc230a923595a2b0712e9f5b797bfd682960f68717988

    • SSDEEP

      6144:1DdmQT67Wula8l4khEfD3JA7Wiagmd4iLAmWR6BSF:30zhEfD3Jviagmd4iLAmWR6e

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral3

    • Target

      3482b8e3b2eee3a0ea5f3905fa7902074332b4077e50d86ea89a2850f7657dff

    • Size

      483KB

    • MD5

      753c3799a9ac0f4fe4a7defc0e8b32f2

    • SHA1

      60568fb9692c6499f2705f63b9dc1180ca1610a1

    • SHA256

      3482b8e3b2eee3a0ea5f3905fa7902074332b4077e50d86ea89a2850f7657dff

    • SHA512

      29ce2a062f57a334f0e76be9c4a733d7fdc918c12d76e8268dddde91bd0103ce3633f66e33a36f8f8ca97a938c279276af1f2e9c0da99ee8e251a9a3c25c37e1

    • SSDEEP

      6144:/QaXAYulaxl4khEfD3xA7ziagmd4iLAmWR6ZSF:aUhEfD3xWiagmd4iLAmWR6G

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral4

    • Target

      448be4416d86334bb1d167ce8ae9f488fefe680e75d68955fbea1e36cd9309b4

    • Size

      39KB

    • MD5

      f77d5b794f444cf1d1444f580dab9cad

    • SHA1

      d1e87d5d9dd4bf646b2d8842e79f86792a8aa3e4

    • SHA256

      448be4416d86334bb1d167ce8ae9f488fefe680e75d68955fbea1e36cd9309b4

    • SHA512

      a2568c9e576b6f7d12e4296f5a6cba75c457c8e93aa3b5b87191f18c9426fab57e749627f5af731fc6c9826851a2b6478bc2613d38ef8b425a3ac9ff367aaa49

    • SSDEEP

      768:EjxuGwIWOrs7kd7RyXRIGQZbvzv6Yyt/WH+q4/f:E9AUrCieWi/f

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral5

    • Target

      48b4247e1a28c1159b8608588212f4cf49408039704c204b93f54abad56357c9

    • Size

      483KB

    • MD5

      b5b093e5ef60be0354e95e919ada3024

    • SHA1

      b73d629f8871e102425a570dc2ba491621e91452

    • SHA256

      48b4247e1a28c1159b8608588212f4cf49408039704c204b93f54abad56357c9

    • SHA512

      2e84d51cddf2dac4afbed0af1a0da6da4cc2bd3ed6dd66c9e5ec997e3e581e93de28cd2d6f05ae3d3bf7880271b1d5473a0cec8b5f88553b0eb41e4a4209bc0c

    • SSDEEP

      6144:JQCtZHulaxl4khEfD3lAyWiagmd4iLAmWU6EhqG:HlhEfD3lUiagmd4iLAmWU6QH

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral6

    • Target

      5fc30d2cb4ce3b291396c89bdb153c12eb3263c2e84744bb9323b2d9f4c8c460

    • Size

      483KB

    • MD5

      1d25c8f443cf76ece6d21ffde6650322

    • SHA1

      8c3b813a605762152996290415c0db7d6ac87ce0

    • SHA256

      5fc30d2cb4ce3b291396c89bdb153c12eb3263c2e84744bb9323b2d9f4c8c460

    • SHA512

      3048df7f90c48f4d5856ba84198e03adbb9dc1b6aee1bdda78712b9f4e799dc8ac48f80c229a165195893cff8abd186c17e5ea346bf90db4b28b5e94b0435bde

    • SSDEEP

      6144:vhQxXMjulaxl4iehEfDObA7Oiagmd4iLAmWF6xSF:vrehEfDObjiagmd4iLAmWF6u

    Score
    8/10

    • Blocklisted process makes network request

    behavioral7

    • Target

      780451d05ca663fbe10c0eba45205a7f1570ae8b00b74d8b04b7b2c10a628b6f

    • Size

      483KB

    • MD5

      23977d9bea5555b14c3f53a7dc277a12

    • SHA1

      8d26c7978e23c99ae4db921ca96b40d88a6d05f8

    • SHA256

      780451d05ca663fbe10c0eba45205a7f1570ae8b00b74d8b04b7b2c10a628b6f

    • SHA512

      79524bdf05be2f6b5b6d67f2bc97036fd61f9a529fad45fa7a636d2e6669f3e70be0f473c706de8d4540b72b130a273048ff142bdef7a00af14882f606358cb3

    • SSDEEP

      6144:LWQkePD3ula0rl4QhEfD3wxHWiagmd4iLAmWR6NSF:lYhEfD3w4iagmd4iLAmWR66

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral8

    • Target

      7816c4bdfcabb5448fe46631a91ddc0d98fb0513d7d943463ca2b1a6ca01bc57

    • Size

      483KB

    • MD5

      c746d4689bc3110012e141d167a3da5d

    • SHA1

      4aa455a5914df357ea0821b4b2b6cf6216746d95

    • SHA256

      7816c4bdfcabb5448fe46631a91ddc0d98fb0513d7d943463ca2b1a6ca01bc57

    • SHA512

      f321bd439db19c2639a66b3e881b61bfbb3090845f89e5b94dcee983b10290a66befc9a5d37f65f386c37d7129ef17aed2f3b3c449f98dc6a5ae03829082397c

    • SSDEEP

      6144:ZQ2YXSTulaxl4khEfD1Dn7Giagmd4iLAmWR6b5F:fRhhEfD1Daiagmd4iLAmWR67

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral9

    • Target

      bc00599c450caca3d02adf1c35c3c6882797870c917d79059edc971c0a9ffffd

    • Size

      483KB

    • MD5

      4519970bd4974c77a1093a6f4df43011

    • SHA1

      ed333af10b36ce7b7c0655b8b56a0e46b8d567cc

    • SHA256

      bc00599c450caca3d02adf1c35c3c6882797870c917d79059edc971c0a9ffffd

    • SHA512

      4c41171a9bbc731f15e404b80627fe3bf139fa974cd1adbe6346fcc2cc2220575d8086a4dc12f5fdc48abd4d193bf650359eb316cf03b7b07a0e82df3a4044bd

    • SSDEEP

      6144:DQbXQSula5l4khEfD3xA7tiagmd4iLAmW36aXF:tEhEfD3xciagmd4iLAmW360

    Score
    10/10
    gootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    behavioral10

MITRE ATT&CK Matrix

Tasks