General

  • Target

    PROFES~1.JS

  • Size

    38.4MB

  • Sample

    240821-q2a9na1fmh

  • MD5

    fa13a93a88b5389a3b6c194e98b4de27

  • SHA1

    31b621a6907c23f221038273394ac05882e028dc

  • SHA256

    db4833fcc45a5091bba755e88cd950023c2caf8a6c6b649c2b1437e131e959ba

  • SHA512

    9705a7e38e0934de70a3c4f3d1c53d8f0c3b103ed40389d58da75652a21d33f8a6d2ee4e9f8aeefff2a9eebccce14a3729632231c313d1227d466059e95ae74d

  • SSDEEP

    6144:pNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJNJ5:H

Malware Config

Targets

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15

Tasks