Resubmissions

  • 24-06-2024 17:15

    240624-vstf4atdke 10

  • 24-06-2024 16:01

    240624-tgde3a1amc 10

General

  • Target

    possible_malware_2024-06-24_14_53_47.679865.zip

  • Size

    4.9MB

  • Sample

    240624-tgde3a1amc

  • MD5

    ff5463e55b797ec0d25c6dab5ea2c061

  • SHA1

    0c8cc9ea276a94c71e8426ee17ff51e25ef24144

  • SHA256

    595d81dd4b8101e0ef7dcb979b797a344086f0b1bd5e9e5a433ee6a62af85a75

  • SHA512

    448f1b2530f3ac8a76dd84d0696be641f897862610f40115ff96844e7b9fd0b125040576944f9ac7856595b925984d548370e24abfe46977e28b572c3577aa02

  • SSDEEP

    98304:tGQBZIx4S2p4pHwxLtOhM1ZJNafVWJEJt8UpqAZy0WnoFQQEGXT06VcV:tpBZfSW/OhMbJk7JAAZytnM9TJA

Malware Config

Targets

    • Target

      contract scope definition 24628.js

    • Size

      27.8MB

    • MD5

      b29e22609c49250b81ddaaa15a0ac0e6

    • SHA1

      73d7436f682c703ca6fa67bb496f39e1fa340912

    • SHA256

      22664cda36be447f11391069feaa915d4c79e69a502cc9a845569cc3052a70d9

    • SHA512

      9c1cfae7d364754cec67877e45169185f76dea70804f0083d32fab09e2d34cf99a90bf683e5c3f068740e90e7d717d28471a3ad17368aa3f926879baad0297b1

    • SSDEEP

      49152:pbR08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDWbR08dPXWR4ba/JOtv:ec43m0c43m0c43m0c43m0c43m0c43ml

    • GootLoader

      JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks