General
Target: Are_flares_legal_uk_46331.zip
Size: 1.1MB
Sample: 240525-ly41cada8z
MD5: f9496b44adbbd66ec9e419708d4ebb56
SHA1: 510fcdd700750a3da32339615eb0680a828bd23b
SHA256: b44a1716a44b9c36136eded884f109548edfe605613cc92bf039b9bfe7052ff4
SHA512: bef6336884ef9067802fee6bd4ab54a469c9fbe89de702a919e268fd598540421272859956d89be36b74a3a71b925d71ba520ea79fc96f95fe9ad9b2ca8dd9e1
SSDEEP: 12288:Njyl52HUZ2W3qFjTGCL5zTG7EdvRKo3SrNGmJ7j0sMrF3rpilPEcAdm067SgPS:NjeKNFzfKx5G6lMvAeI067S
Static task: static1
Behavioral task: behavioral1
  Sample: are flares legal uk 1210.js
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: are flares legal uk 1210.js
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: are flares legal uk 1210.js
Size: 4.4MB
MD5: 92845fcec6241a5f166f082b074f17ff
SHA1: c36a8f4a92e8f2982af6bab52c2f0dd0e92e1f72
SHA256: b730fce1dc9df3354e38373a37d5b3f1d1f587db85f19d7106aa7a2a392430c2
SHA512: 70e7ad68de0da324a13e5f20068ae555ca8b589862aa8472efd6224b119d3d9fa53dae36f1e5a27c93a7b21150a44c29fae272469c652ef17fabe2584671f666
SSDEEP: 49152:yytwpCQK+lIytwpCQK+lIytwpCQK+lIytwpCQK+lp:n
Score: 10/10
GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
Blocklisted process makes network request
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.