General

  • Target

    409f0ffb96db2598ee8aee7800b3d6d2b1f751c241f5a2f8062d34515f5b3137.js

  • Size

    23.2MB

  • Sample

    240802-zgynwszajn

  • MD5

    b138e06a4863f6356ce014a0f63d1406

  • SHA1

    506b43b59c71118165f161705ed995803a4ba0a6

  • SHA256

    409f0ffb96db2598ee8aee7800b3d6d2b1f751c241f5a2f8062d34515f5b3137

  • SHA512

    cf9e660ed86c53bb7f7e492957eca25a87080eccb9b6b8940b61df91cf1c7b32677c7bffc5cbf65b8c53048b2184cbd53d98b4de2ba11ba96dd65266a11a1306

  • SSDEEP

    49152:SBC08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDNBC08dPXWR4ba/JOtN:ic43m0c43m0c43m0c43m0c43ml

Malware Config

Targets

    • Target

      409f0ffb96db2598ee8aee7800b3d6d2b1f751c241f5a2f8062d34515f5b3137.js

    • Size

      23.2MB

    • MD5

      b138e06a4863f6356ce014a0f63d1406

    • SHA1

      506b43b59c71118165f161705ed995803a4ba0a6

    • SHA256

      409f0ffb96db2598ee8aee7800b3d6d2b1f751c241f5a2f8062d34515f5b3137

    • SHA512

      cf9e660ed86c53bb7f7e492957eca25a87080eccb9b6b8940b61df91cf1c7b32677c7bffc5cbf65b8c53048b2184cbd53d98b4de2ba11ba96dd65266a11a1306

    • SSDEEP

      49152:SBC08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDNBC08dPXWR4ba/JOtN:ic43m0c43m0c43m0c43m0c43ml

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks