Resubmissions

20-06-2024 13:44

240620-q2accs1ajh 10

20-06-2024 13:38

240620-qxh4pszglg 10

20-06-2024 13:15

240620-qhkc8azajd 10

20-06-2024 12:55

240620-p58hwsycke 10

20-06-2024 12:49

240620-p2g7jasdql 10

General

  • Target

    pa collective agreement pay 90174.js

  • Size

    18.5MB

  • Sample

    240620-q2accs1ajh

  • MD5

    c4d8fa6feaef5aba8eb9b2bd2b906176

  • SHA1

    31fef4eff4cda276264650c2dd1addbba9b03346

  • SHA256

    a330c0d7cabdfc88e979d72f69e0c9076964b1f16c805c445426cf2b61c9ea9a

  • SHA512

    6057bd5a06db48f567b8ed4ef66c67c6fc79b3f27ecfbf0b1dbb7e42e9cf7e37e0a9d9fd5097089868c9746acfe6602097eae5874d490151574fe3a01db6b5fd

  • SSDEEP

    49152:ojk08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDVjk08dPXWR4ba/JOtz:ac43mMc43mMc43mMc43ml

Targets

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
