General

  • Target: b41cc5bbc8e836c57260ebcf3d61e2790ec4b6d2fd10c367d94751d4c36cb8cc
  • Size: 13.7MB
  • Sample: 240809-p5krts1bkq
  • MD5: 92e6cb8641e076331bd36d69dd7a8533
  • SHA1: 132ce2dfb397e170b89a987399ba1589d0ffe9e6
  • SHA256: b41cc5bbc8e836c57260ebcf3d61e2790ec4b6d2fd10c367d94751d4c36cb8cc
  • SHA512: 60a10c7f04691240081056dac1e8052450e7c85638f4ed9b53021f778c14a13dfbf7730924e9e4500f68a7800e26540cbe9046c21c9b1c052e039c19eeb38fc9
  • SSDEEP: 49152:YYRxr8uC0NjaCXoK5gYRxr8uC0NjaCXoK5f:m9g

Malware Config

Targets

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks