General

  • Target

    b53ec71b7a07ad3fb8c36a3c8cfc28eefd146cd3e17228b4c340474f25c48e37

  • Size

    13.7MB

  • Sample

    240729-p4zvcsygpr

  • MD5

    63cf4b18ae1acb7db0a839c351608697

  • SHA1

    890f9d086cf309e97f71501dec3dfe417ac7f5a2

  • SHA256

    b53ec71b7a07ad3fb8c36a3c8cfc28eefd146cd3e17228b4c340474f25c48e37

  • SHA512

    e90108845735cddb202c08db00e391d028d2a48e8743b2ef33a810bc2bbdee475894dce08f5b1194f20daa9df040da011205f842942d9f7f64e55445cbac67f7

  • SSDEEP

    49152:YYRxr8uC0NjaCXB7gYRxr8uC0NjaCXB7f:nLz

Malware Config

Targets

    • Target

      b53ec71b7a07ad3fb8c36a3c8cfc28eefd146cd3e17228b4c340474f25c48e37

    • Size

      13.7MB

    • MD5

      63cf4b18ae1acb7db0a839c351608697

    • SHA1

      890f9d086cf309e97f71501dec3dfe417ac7f5a2

    • SHA256

      b53ec71b7a07ad3fb8c36a3c8cfc28eefd146cd3e17228b4c340474f25c48e37

    • SHA512

      e90108845735cddb202c08db00e391d028d2a48e8743b2ef33a810bc2bbdee475894dce08f5b1194f20daa9df040da011205f842942d9f7f64e55445cbac67f7

    • SSDEEP

      49152:YYRxr8uC0NjaCXB7gYRxr8uC0NjaCXB7f:nLz

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks