General

  • Target

    4b0a1be15c66a9bdd8a2bf53a26a9973b6ef6adad3f90478be6d4b76e3e962f9.js

  • Size

    4.4MB

  • Sample

    240802-b41j1ayanm

  • MD5

    814bf485244ee7746eb4802fcf3da2c7

  • SHA1

    24521e7d7df3e2492bfa2235c1f75c350bdd6310

  • SHA256

    4b0a1be15c66a9bdd8a2bf53a26a9973b6ef6adad3f90478be6d4b76e3e962f9

  • SHA512

    673d3d685be86bc41306ae5ea5fc7fa9542e3151f43231a1eb3beecf3deaf47f653d52a1994f12e56d9e7d9f441c8552c68d07b61af0099ce726c4750791c9ec

  • SSDEEP

    49152:IytwpCQK+v2ytwpCQK+v2ytwpCQK+v2ytwpCQK+vp:v

Targets

    • GootLoader

      JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.