Resubmissions

31-05-2024 00:12

240531-ahlchsge68 10

29-05-2024 18:45

240529-xd41dsee63 10

General

  • Target

    contracting officer warrant test sample 58887.js

  • Size

    8.8MB

  • Sample

    240531-ahlchsge68

  • MD5

    33da02d45d35dca896fca2d03c478f8b

  • SHA1

    9b3c01d445f8e3fb25b4c786a721e579e5f649fb

  • SHA256

    ccdb11c9b3ff0f96316f2f82c5073a199c67204aa6b155f18d7c8a0f2e092f1d

  • SHA512

    ce85b283b3a7493410943ef38de9969fef200c2e6a6bad1351e6996c420110fee034547008d5a3a1f9ff0b67a34843eae1e27c9c8fbf90439e9c633a47b16567

  • SSDEEP

    49152:VytwpCQK+XzytwpCQK+XzytwpCQK+XzytwpCQK+XzytwpCQK+XzytwpCQK+XzytG:n

Targets

    • GootLoader

      JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.