General
-
Target
pa collective agreement pay 81727.js
-
Size
5.5MB
-
Sample
240524-py7ysadb94
-
MD5
6524c31a80c61c2d255cbeb448f7ed0e
-
SHA1
d4481a617ef1501e00422f8f56e5a79b27120d08
-
SHA256
7be565a3ba4a8ac193f32053f352b09bfa301411d84d256dd5b886040d6b265e
-
SHA512
63d48c8be16616919aa8ed5e5f61fb68d4ff6502ca1d1ec05867c3f48ee5fafb48417ca83fe3d9003cd7fcfba3dfaac569107b66a1678c674a995bbfa00769c9
-
SSDEEP
49152:rAytwpCQK+0lAytwpCQK+0lAytwpCQK+0lAytwpCQK+0lAytwpCQK+0p:rXXXXj
Static task
static1
Behavioral task
behavioral1
Sample
pa collective agreement pay 81727.js
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
pa collective agreement pay 81727.js
-
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-