General
-
Target
government_of_bc_collective_agreement(14085).js
-
Size
7.4MB
-
Sample
240821-v9p51avgmr
-
MD5
d29afe6b00c5bfc82c1adb11b0808ecd
-
SHA1
fcea0e87641b47c22f6129d98e012cd6d7ad962a
-
SHA256
579f27bb326b7eea45ad12844d68323c75ec860ca8c43c388aeab7cb338f20af
-
SHA512
8ba47f1f4cdb4c54071bbc2b6193412e44a1157e796a33d87e9752660de1ff977a876c11694f573a55f327d7a69f4f62adc7353c0f3314d6f7a89d0ab7a803f0
-
SSDEEP
49152:pxja+NvsFbEc6GhQz5Czl+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijn:ZG30G30G3K
Static task
static1
Behavioral task
behavioral1
Sample
government_of_bc_collective_agreement(14085).js
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
government_of_bc_collective_agreement(14085).js
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
government_of_bc_collective_agreement(14085).js
-
Size
7.4MB
-
MD5
d29afe6b00c5bfc82c1adb11b0808ecd
-
SHA1
fcea0e87641b47c22f6129d98e012cd6d7ad962a
-
SHA256
579f27bb326b7eea45ad12844d68323c75ec860ca8c43c388aeab7cb338f20af
-
SHA512
8ba47f1f4cdb4c54071bbc2b6193412e44a1157e796a33d87e9752660de1ff977a876c11694f573a55f327d7a69f4f62adc7353c0f3314d6f7a89d0ab7a803f0
-
SSDEEP
49152:pxja+NvsFbEc6GhQz5Czl+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijn:ZG30G30G3K
Score10/10-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-