General

  • Target: 314f60d206cb29ccb06463f20c5f145cefcb19e494628876dbf18f9f7daa748b
  • Size: 3.3MB
  • Sample: 240708-vjbvpa1fme
  • MD5: faa45fe8f95bd414551017f00930b806
  • SHA1: 95be3164b9f32988e6e2caf0a13e9f64fba6f00f
  • SHA256: 314f60d206cb29ccb06463f20c5f145cefcb19e494628876dbf18f9f7daa748b
  • SHA512: 189bf47b0827130898e8c5aa9a44b8da61f4eb879331a7161da9602c6a368d500c69794a999b9aac9c53ebe2a39759112e2b3ea545bd5abcb64c6419e3e04e22
  • SSDEEP: 98304:MWJ3RbJWPtKiv5KPRC3josAaWyl7FH2lF:j3W1m5ejCrylBoF

Malware Config

Targets

    • Target: laboratory medicine funding framework agreement 67649.js
    • Size: 18.5MB
    • MD5: 78630fdaca3146e805879cca26afb6c9
    • SHA1: 6c8f1809948b56ec4a876e1c99dc50acde9c7318
    • SHA256: 8c40f5ec18ef9b661bdab7301c0e8e7d392ca3cef681de1930f4dcb957bd22d5
    • SHA512: d2dacd180988e9fe72e1e66ebe05ae6e4bdd4e35c15143cb7314ad2639cb7dc2a9bf98b57426844758efd6144fae3a1e281536bbec5bc12be3da618c2c1281e1
    • SSDEEP: 49152:vtl08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDOtl08dPXWR4ba/JOtT:Oc43moc43moc43moc43ml

    • GootLoader

      JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks