General

  • Target

    pa collective agreement pay 23857.js

  • Size

    27.8MB

  • Sample

    240716-p8m2cstemk

  • MD5

    1306ce8e351fdd346127ae1ee37ffd90

  • SHA1

    9cd01fe8a5925f67ec7ed572c75bad0cb5567542

  • SHA256

    fb744f92bddbd2fe28fc839f8e60ca8ae6b270a7802b724d618d6b9e59c648e1

  • SHA512

    3469bcf9e9be2f44f47c8cee1456a1092faa5edee4f0acbe4d04ee557e0f332d3fa27738cc34e46815f7f8cab9160fba957e59d38a8dac33d166656c054e7865

  • SSDEEP

    49152:ZoH08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDmoH08dPXWR4ba/JOtT:bc43mxc43mxc43mxc43mxc43mxc43ml

Targets

    • Target

      pa collective agreement pay 23857.js

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
