General
Target: possible_malware_2024-06-24_14_53_47.679865.zip
Size: 4.9MB
Sample: 240624-tgde3a1amc
MD5: ff5463e55b797ec0d25c6dab5ea2c061
SHA1: 0c8cc9ea276a94c71e8426ee17ff51e25ef24144
SHA256: 595d81dd4b8101e0ef7dcb979b797a344086f0b1bd5e9e5a433ee6a62af85a75
SHA512: 448f1b2530f3ac8a76dd84d0696be641f897862610f40115ff96844e7b9fd0b125040576944f9ac7856595b925984d548370e24abfe46977e28b572c3577aa02
SSDEEP: 98304:tGQBZIx4S2p4pHwxLtOhM1ZJNafVWJEJt8UpqAZy0WnoFQQEGXT06VcV:tpBZfSW/OhMbJk7JAAZytnM9TJA
Static task: static1
Behavioral task: behavioral1
Sample: contract scope definition 24628.js
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: contract scope definition 24628.js
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: contract scope definition 24628.js
Size: 27.8MB
MD5: b29e22609c49250b81ddaaa15a0ac0e6
SHA1: 73d7436f682c703ca6fa67bb496f39e1fa340912
SHA256: 22664cda36be447f11391069feaa915d4c79e69a502cc9a845569cc3052a70d9
SHA512: 9c1cfae7d364754cec67877e45169185f76dea70804f0083d32fab09e2d34cf99a90bf683e5c3f068740e90e7d717d28471a3ad17368aa3f926879baad0297b1
SSDEEP: 49152:pbR08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDWbR08dPXWR4ba/JOtv:ec43m0c43m0c43m0c43m0c43m0c43ml
Score: 10/10
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
Checks computer location settings
Looks up country code configured in the registry, likely geofence.