General
-
Target
Age_requirement_to_pick_up_prescriptions_3193.zip
-
Size
4.1MB
-
Sample
240617-qhmhkswfpn
-
MD5
80e2758f6346aeb7b559a1811c3e862e
-
SHA1
ead39ae074614c205276cfad7d837e731427ffd7
-
SHA256
8964cd61002dc41349134f9261a035d97ac7b9915952a7e8a687a0b111fa5f91
-
SHA512
6aa842e2479cffba6bd4457c30faa8468a9e428ddf897dbbc838e1eba5d7033c3e26464d3f8d7e38ffea504d66310a4edc9b3afdd5a401678985c2a6f1ea2d15
-
SSDEEP
98304:fUnl6NQuWXNPZPSAu2nQVP5/0GPG5lYwlFaZTF6d:fUnCQuWXNA2nyPTSdd
Malware Config
Targets
-
-
Target
age requirement to pick up prescriptions 35941.js
-
Size
23.2MB
-
MD5
c1072ceb23d7402dc2d6c1e7845741ed
-
SHA1
371f973b89330c78873e99aa164b57f12092be88
-
SHA256
3f68747daf0d5df410051f6e90b26d30405a13526076fe9d6bbe3cdee2029bbd
-
SHA512
52a338273d5d1b6fff7594ddecd06a40163a1416462e837543b6fc54c127cfd0389cafaa6f495859c99dccee299e928a7d1f673f34c24be60fba72833f300431
-
SSDEEP
49152:IPb08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDpPb08dPXWR4ba/JOtW:fc43mFc43mFc43mFc43mFc43ml
Score10/10-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-