Overview

overview

10

Static

static

1

pa collect...108.js

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    pa collective agreement pay 95108.js

  • Size

    8.8MB

  • Sample

    240607-pyqz9sgb8s

  • MD5

    76120f871de4b312a0468aee2003c06f

  • SHA1

    ebc5abb9d37473a415aab26f6de89ad22c05c99d

  • SHA256

    896167e62d83253ff6a4ede9632beedd61bcdad8bf99ee062ba6ea84fb9ea655

  • SHA512

    637adf346e17d064f6750d7d2e4b8b99e0b7baeccc5e799e6f23383d1c676e03043f24ea0cd38ffc98da98210975a933ba63862a61cd617f67ccae44b1b07d83

  • SSDEEP

    49152:+ytwpCQK+oYytwpCQK+oYytwpCQK+oYytwpCQK+oYytwpCQK+oYytwpCQK+oYytB:n

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      pa collective agreement pay 95108.js

    • Size

      8.8MB

    • MD5

      76120f871de4b312a0468aee2003c06f

    • SHA1

      ebc5abb9d37473a415aab26f6de89ad22c05c99d

    • SHA256

      896167e62d83253ff6a4ede9632beedd61bcdad8bf99ee062ba6ea84fb9ea655

    • SHA512

      637adf346e17d064f6750d7d2e4b8b99e0b7baeccc5e799e6f23383d1c676e03043f24ea0cd38ffc98da98210975a933ba63862a61cd617f67ccae44b1b07d83

    • SSDEEP

      49152:+ytwpCQK+oYytwpCQK+oYytwpCQK+oYytwpCQK+oYytwpCQK+oYytwpCQK+oYytB:n

    Score
    10/10
    gootloaderexecutionloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks