General

  • Target

    pa collective agreement pay 27495.js

  • Size

    9.9MB

  • Sample

    240604-nl85msef6t

  • MD5

    0db1d9b6db4e0e83eea894674c21b44d

  • SHA1

    0f1643fa489b6c6f740237131129e7edbf90ec82

  • SHA256

    e00275042b4f4807a1d4098113e011e0d4c0656ecb88af420c728a180eef60be

  • SHA512

    80c5f41e2773d9f2f83b7292fc2b2672d75396e5017c471270d5963af1f38cfd49fb38a9dbc268dca0694572a9dfd10d0c3dc274c072243c6b293494796a1b84

  • SSDEEP

    49152:4ytwpCQK+UCytwpCQK+UCytwpCQK+UCytwpCQK+UCytwpCQK+UCytwpCQK+UCytJ:h

Malware Config

Targets

    • Target

      pa collective agreement pay 27495.js

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike. The loader stage runs as a standalone .js under the Windows script host; a 9.9MB script whose SSDEEP repeats the same chunk signature is consistent with the heavy junk padding GootLoader uses to inflate the file and hinder static scanning.

    • Blocklisted process makes network request

      A process on the sandbox's blocklist (typically a script host or another living-off-the-land binary) made an outbound network request, consistent with a loader stage fetching its next-stage payload.

    • Checks computer location settings

      Reads the country/region code that Windows stores in the registry. This is likely a geofence: the loader compares the value against a target list and only continues on machines in the regions it targets.
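
As an added triage example (not code from the sandbox report, and not GootLoader tooling), the script below does the two checks a practitioner would run on the file before relying on the verdict above: it confirms the file on disk matches the digests the report lists, and it measures how much of the script body is repeated filler, which is what a repeating SSDEEP chunk signature implies. The hash values are copied from the General section; the padding thresholds, the two constructed inputs and the function names are assumptions made for this example.

```python
#!/usr/bin/env python3
"""Triage helper for a suspected GootLoader .js (added example, not part of
the sandbox report or of any GootLoader tooling).

Check 1: the file on disk is the sample the report describes (hash match).
Check 2: how much of the script is repeated filler. The SSDEEP in the report
         repeats one chunk signature many times, i.e. long runs of identical
         content; the metrics below make that measurable on the raw bytes.
"""
import hashlib
import sys
import zlib
from collections import Counter

# Digests copied from the report's General section.
REPORTED_HASHES = {
    "md5": "0db1d9b6db4e0e83eea894674c21b44d",
    "sha1": "0f1643fa489b6c6f740237131129e7edbf90ec82",
    "sha256": "e00275042b4f4807a1d4098113e011e0d4c0656ecb88af420c728a180eef60be",
    "sha512": "80c5f41e2773d9f2f83b7292fc2b2672d75396e5017c471270d5963af1f38cfd"
              "49fb38a9dbc268dca0694572a9dfd10d0c3dc274c072243c6b293494796a1b84",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def file_hashes(data: bytes) -> dict:
    """Compute every digest the report lists, keyed by algorithm name."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ALGORITHMS}


def matches_report(data: bytes, reported: dict = REPORTED_HASHES) -> dict:
    """Return {algorithm: True/False}: does each computed digest equal the reported one?"""
    computed = file_hashes(data)
    return {algo: computed[algo] == digest.lower() for algo, digest in reported.items()}


def repetition_metrics(data: bytes) -> dict:
    """Measure how much of `data` is repeated content.

    compression_ratio: zlib-compressed size / original size; a script that is
        mostly repeated filler compresses to a few percent of its size.
    top_line_share:    share of all lines taken by the single most common line;
        a padding loop that emits the same block pushes this towards 1.0.
    unique_line_share: distinct lines / total lines.
    """
    if not data:
        raise ValueError("empty input")
    lines = data.splitlines()
    line_counts = Counter(lines)
    return {
        "size": len(data),
        "compression_ratio": len(zlib.compress(data, 9)) / len(data),
        "top_line_share": line_counts.most_common(1)[0][1] / len(lines),
        "unique_line_share": len(line_counts) / len(lines),
    }


def looks_padded(metrics: dict, max_ratio: float = 0.05, min_top_share: float = 0.5) -> bool:
    """Flag heavy padding. The thresholds are assumptions chosen for this
    example, not published cut-offs; tune them against your own corpus."""
    return metrics["compression_ratio"] < max_ratio or metrics["top_line_share"] > min_top_share


# Constructed inputs so the script runs stand-alone (neither is a real sample).
# PADDED_SCRIPT: one filler line repeated thousands of times plus a tiny tail,
# mimicking the repeated-chunk structure the report's SSDEEP suggests.
_FILLER = b"function pad(a, b) { return a + b; } // filler\n"
PADDED_SCRIPT = _FILLER * 4000 + b"var done = true;\n"


def _pseudo_random(n: int, seed: bytes = b"control") -> bytes:
    """Deterministic incompressible bytes (SHA-512 chain) as a negative control."""
    out, block = bytearray(), seed
    while len(out) < n:
        block = hashlib.sha512(block).digest()
        out += block
    return bytes(out[:n])


CONTROL_SCRIPT = _pseudo_random(16384)


def triage(data: bytes) -> dict:
    """Run both checks and return one result dict."""
    metrics = repetition_metrics(data)
    return {"hash_match": matches_report(data), "metrics": metrics, "padded": looks_padded(metrics)}


if __name__ == "__main__":
    # Usage: python3 triage.py <file.js>; with no argument the constructed sample is used.
    sample = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else PADDED_SCRIPT
    for key, value in triage(sample).items():
        print(f"{key}: {value}")
```

The hash comparison is the part that matters most: every other observation on this page is only valid for the bytes those digests describe, so a file that fails the match is a different sample and needs its own detonation. The padding metrics are a cheap screen, not a classifier; they do not replace an SSDEEP comparison against the reported fuzzy hash (which needs the ssdeep library and is not done here).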

MITRE ATT&CK Enterprise v15

Tasks