General

  • Target

    7925e38767da785617bc853e07a5dcda9c020dfed1d8aaf99c020d6398bbf5d1

  • Size

    13.7MB

  • Sample

    240804-qrejbs1alb

  • MD5

    0e5d3ff86711e4606feb69d9c0c5782a

  • SHA1

    a2b8b003a425d543c65531c38809bbca069d8c06

  • SHA256

    7925e38767da785617bc853e07a5dcda9c020dfed1d8aaf99c020d6398bbf5d1

  • SHA512

    fa2bac161cb1154f11332d0d0cc55992f10daa2df2167add56ed3c17b0c9e880d6c7ea1e1838e0a6c484de383daf2b917270efecfd73af4fdc838f9e9af252fe

  • SSDEEP

    49152:YYRxr8uC0NjaCXqDRgYRxr8uC0NjaCXqDRf:4qx

Malware Config

Targets

    • Target

      7925e38767da785617bc853e07a5dcda9c020dfed1d8aaf99c020d6398bbf5d1

    • Size

      13.7MB

    • MD5

      0e5d3ff86711e4606feb69d9c0c5782a

    • SHA1

      a2b8b003a425d543c65531c38809bbca069d8c06

    • SHA256

      7925e38767da785617bc853e07a5dcda9c020dfed1d8aaf99c020d6398bbf5d1

    • SHA512

      fa2bac161cb1154f11332d0d0cc55992f10daa2df2167add56ed3c17b0c9e880d6c7ea1e1838e0a6c484de383daf2b917270efecfd73af4fdc838f9e9af252fe

    • SSDEEP

      49152:YYRxr8uC0NjaCXqDRgYRxr8uC0NjaCXqDRf:4qx

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks