General
-
Target
280b6e9413132799e49f1a5c4cf9a3d98363be387aa93cd9ab16c00ccfe2c2e6.js
-
Size
9.9MB
-
Sample
240820-vdh2taxann
-
MD5
dc92b87e1ef69d342171a6553b5a8a30
-
SHA1
7b70df378dffd079cf8633e8940f30631de727ed
-
SHA256
280b6e9413132799e49f1a5c4cf9a3d98363be387aa93cd9ab16c00ccfe2c2e6
-
SHA512
5603d072173044f859b91f44d9ac2c177898b6c2ba359954f9e4e4247b6dc205bdeff1f1015235fb27cfcf0c638d1edc50181c70567614cea60f24b2e326d541
-
SSDEEP
49152:tA7WG+94FbEc6GhQQ5oXl+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQiji:f3636363K
Malware Config
Targets
-
-
Target
280b6e9413132799e49f1a5c4cf9a3d98363be387aa93cd9ab16c00ccfe2c2e6.js
-
Size
9.9MB
-
MD5
dc92b87e1ef69d342171a6553b5a8a30
-
SHA1
7b70df378dffd079cf8633e8940f30631de727ed
-
SHA256
280b6e9413132799e49f1a5c4cf9a3d98363be387aa93cd9ab16c00ccfe2c2e6
-
SHA512
5603d072173044f859b91f44d9ac2c177898b6c2ba359954f9e4e4247b6dc205bdeff1f1015235fb27cfcf0c638d1edc50181c70567614cea60f24b2e326d541
-
SSDEEP
49152:tA7WG+94FbEc6GhQQ5oXl+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQiji:f3636363K
Score10/10-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-