Overview

overview

10

Static

static

1

malicious.js

windows7-x64

3

malicious.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malicious.js

  • Size

    9.9MB

  • Sample

    240611-zxyzla1gmp

  • MD5

    9fe82b58b7aab5786dc5e3218353828c

  • SHA1

    62089cd04e6ae9ced185069caec25487e1a4ff06

  • SHA256

    4087fa18c34c9e1ea1c98c58b6daf357eb14d1ab8d1c526219ecf4d6afbb9e20

  • SHA512

    df3dff40522e393ba937e7a643c957a22eaa9c703c05d37de13a4912f7c1d1e92a2e1fb6bbf0d832c642f7a37f055be0909c400bd437b08a3275705de73a637e

  • SSDEEP

    49152:F8ytwpCQK+Tf8ytwpCQK+Tf8ytwpCQK+Tf8ytwpCQK+Tf8ytwpCQK+Tf8ytwpCQK:FIIIIIIII+

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      malicious.js

    • Size

      9.9MB

    • MD5

      9fe82b58b7aab5786dc5e3218353828c

    • SHA1

      62089cd04e6ae9ced185069caec25487e1a4ff06

    • SHA256

      4087fa18c34c9e1ea1c98c58b6daf357eb14d1ab8d1c526219ecf4d6afbb9e20

    • SHA512

      df3dff40522e393ba937e7a643c957a22eaa9c703c05d37de13a4912f7c1d1e92a2e1fb6bbf0d832c642f7a37f055be0909c400bd437b08a3275705de73a637e

    • SSDEEP

      49152:F8ytwpCQK+Tf8ytwpCQK+Tf8ytwpCQK+Tf8ytwpCQK+Tf8ytwpCQK+Tf8ytwpCQK:FIIIIIIII+

    Score
    10/10
    executiongootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks