General
-
Target
836624d96a0d0e619a59ddc2ce0dac6a5afd4bd693472992d1e54bf0e4016c82
-
Size
6.3MB
-
Sample
240703-nvxg7s1dph
-
MD5
23cdcf4eb7e0cbb9a410f8853af95332
-
SHA1
c5233d698b1f3685ccf9e0eca88016e1eb8bdae5
-
SHA256
836624d96a0d0e619a59ddc2ce0dac6a5afd4bd693472992d1e54bf0e4016c82
-
SHA512
d6f94b4e3aa4aa7d42c1a2ac41037b61b80cea9e7d564fc5df3676f75df1ce105153261d5ff9e83a84cc8f3fc616ebda9b71f1b33be7f4cdcfdc4b73c488074c
-
SSDEEP
196608:dtWHCWLO+nWQFMgcx7xvx1tDOkH6D6kBXYdVdY:d9Wzqx7xRarX8dY
Static task
static1
Behavioral task
behavioral1
Sample
sending legal notice via email 72935.js
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
sending legal notice via email 72935.js
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
sending legal notice via email 72935.js
-
Size
28.9MB
-
MD5
640da8fe1e546638738b49247a4fe9de
-
SHA1
63c172ea5ec4adce6ebeafb4936fe9ebb394906f
-
SHA256
6f90f50b45180f9537db95146b6e71c116fe58a777b12f825eb060441bc3f3e7
-
SHA512
58bacfbd626663a33b9ceafffc7e40caaeece01ea95fca32adbf06096debe9450d393309516052fb312e335387df40d9dc5d6899b97925354bac73ef6eb2fda8
-
SSDEEP
49152:W7BuzjCxb4qHlp4Bh3N0yXhxIB9z4YzYBHvG+80GI30e/oHfGSdh3qusBogUcE/Q:b
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-