General

  • Target

    Does_a_collective_agreement_override_the_esa_87642.zip

  • Size

    3.3MB

  • Sample

    240624-s6ffaazdqe

  • MD5

    f3a266ffbf784613eb10801ab3631019

  • SHA1

    77ce7159db3474f72fe7e64b1ed7af415ba76ad5

  • SHA256

    006fcd3369ad2bc0749290f833dab91f726bf3345deea85469ac41a06113a7a7

  • SHA512

    5e8ac5374733e4a717ae92f2e5c3f00dc5c9b09e40ec85b29d1df5d9403e489372a3cbb7d99204d069df886caee9017c246a60080329b3c0ff73ea5f26841f43

  • SSDEEP

    49152:t2jbC83Xu2bNC1wbm99J45vPAa35/b1KCpYsDkevYpLApPuq3t/RvD2QcqSlTb8u:tEPTweYIxF15lzY43j2QxSlTbK24LCh

Targets

    • Target

      does a collective agreement override the esa 65392.js

    • Size

      18.5MB

    • MD5

      f749b6b1f14d5982a274d354bb77ebf5

    • SHA1

      8d434865062b21ac7169535db50cde183d1a4b64

    • SHA256

      3829dd964b236489de16a156f522f380b71eeafea22030aa0050138d5b573494

    • SHA512

      01051367eb9f43b76fdd91bf9b46297a3f8ac4c4e67587f9733dfcf588b49454869e1e05ccc8c35db36b900f92d8d6ca18d44f2218fa4c0fea72297a711fe5a1

    • SSDEEP

      49152:Wm008dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtD1m008dPXWR4ba/JOt/:vc43mVc43mVc43mVc43ml

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
