Overview

overview

10

Static

static

0c7b24793e...16c.js

windows10-1703-x64

10

1e9892e969...191.js

windows10-1703-x64

10

2a4516fba8...e80.js

windows10-1703-x64

10

3482b8e3b2...dff.js

windows10-1703-x64

10

448be4416d...9b4.js

windows10-1703-x64

10

48b4247e1a...7c9.js

windows10-1703-x64

10

5fc30d2cb4...460.js

windows10-1703-x64

8

780451d05c...b6f.js

windows10-1703-x64

10

7816c4bdfc...c57.js

windows10-1703-x64

10

bc00599c45...ffd.js

windows10-1703-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    29-09-2022 10:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bc00599c450caca3d02adf1c35c3c6882797870c917d79059edc971c0a9ffffd.js

  • Size

    483KB

  • MD5

    4519970bd4974c77a1093a6f4df43011

  • SHA1

    ed333af10b36ce7b7c0655b8b56a0e46b8d567cc

  • SHA256

    bc00599c450caca3d02adf1c35c3c6882797870c917d79059edc971c0a9ffffd

  • SHA512

    4c41171a9bbc731f15e404b80627fe3bf139fa974cd1adbe6346fcc2cc2220575d8086a4dc12f5fdc48abd4d193bf650359eb316cf03b7b07a0e82df3a4044bd

  • SSDEEP

    6144:DQbXQSula5l4khEfD3xA7tiagmd4iLAmW36aXF:tEhEfD3xciagmd4iLAmW360

Score
10/10
gootloaderloader

Malware Config

Signatures

  • GootLoader

    JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

    loadergootloader
  • Blocklisted process makes network request 3 IoCs
  • Script User-Agent 3 IoCs

    Uses user-agent string associated with script host/environment.

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\bc00599c450caca3d02adf1c35c3c6882797870c917d79059edc971c0a9ffffd.js
    1⤵
    • Blocklisted process makes network request
    PID:4436

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads