Overview

overview

10

Static

static

1

what dmv f...970.js

windows7-x64

3

what dmv f...970.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7de020329b6d3543aca1d7bd6f86adb4ec502ec46c5af308c79454a14089d288.zip

  • Size

    4.9MB

  • Sample

    240517-pdsclagh54

  • MD5

    27f20aab1f1b5f44e2ba6baa148301d1

  • SHA1

    1fa8a89bf7a5c0ad68b7dea0c25735fdc2847a8c

  • SHA256

    7de020329b6d3543aca1d7bd6f86adb4ec502ec46c5af308c79454a14089d288

  • SHA512

    9976bfc1b2dbf397be7cf52f82bf03a23d41430561395cd8dc1e1dbdeb6abae3cfc9c07c256248c50cd3bd96b9774dcec5361594045ece172ec1773c0306c80e

  • SSDEEP

    98304:3RLDbLdJRYDWAvdZly/Lh0NBTC7xo2nqtvF9d5G/CoD1kVfEdETEXzufD2fG/a9e:3RLDbLPRuWAvkh0DTC7V/9DQAESGva9e

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      what dmv forms do i need to sell my car in ny 88970.js

    • Size

      22.5MB

    • MD5

      37faffbf9559840ab26c368380015b7e

    • SHA1

      45751e456f6f6afb84ba4fb87566b29a3cbd451f

    • SHA256

      01812a0f68ccb64e1d1bf4dd7f329c2373ea7b7ba831a386d80f3e1b205fa400

    • SHA512

      2a14dd1abf5dbad4b308adb149fe89b9200a55c78ccef23b1bf384ed832e49d760c22f13b7e9c8235dce9b0b4c93c2b6308a1faa4f4544d476bf6751f32a4315

    • SSDEEP

      49152:j7hbzjCxbhqHlp4lOrN0uRh+YfTzeYzYTvri+8mem3NQ/2bMGscL3qtAOsgecEig:S

    Score
    10/10
    executiongootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks