General

  • Target

    illinois mold laws 93833.js

  • Size

    6.6MB

  • Sample

    240618-sle9sayfqb

  • MD5

    69b91189949561cf743e11c1339cae53

  • SHA1

    70a2b77219d0530e388335a9da62f44616b5bb96

  • SHA256

    309c5e86c1aea1c56c1042e2d8ed8579bf712e8b3ba92486f04c0300a6d13608

  • SHA512

    dd85a1071818c2caf46034597a2a9b07b0e1d352dd3bd0d5a8969e2143a1e527dd0e36bd5f9b514b17ef71649a5f84609f023194826e9c64a07a692b75a3c2eb

  • SSDEEP

    49152:VXytwpCQK+ZjXytwpCQK+ZjXytwpCQK+ZjXytwpCQK+ZjXytwpCQK+ZjXytwpCQV:V55555b

Targets

    • Target

      illinois mold laws 93833.js

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
