General

  • Target

    579f27bb326b7eea45ad12844d68323c75ec860ca8c43c388aeab7cb338f20af

  • Size

    7.4MB

  • Sample

    240821-xlbzksyejn

  • MD5

    d29afe6b00c5bfc82c1adb11b0808ecd

  • SHA1

    fcea0e87641b47c22f6129d98e012cd6d7ad962a

  • SHA256

    579f27bb326b7eea45ad12844d68323c75ec860ca8c43c388aeab7cb338f20af

  • SHA512

    8ba47f1f4cdb4c54071bbc2b6193412e44a1157e796a33d87e9752660de1ff977a876c11694f573a55f327d7a69f4f62adc7353c0f3314d6f7a89d0ab7a803f0

  • SSDEEP

    49152:pxja+NvsFbEc6GhQz5Czl+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijn:ZG30G30G3K

Malware Config

Targets

    • Target

      579f27bb326b7eea45ad12844d68323c75ec860ca8c43c388aeab7cb338f20af

    • Size

      7.4MB

    • MD5

      d29afe6b00c5bfc82c1adb11b0808ecd

    • SHA1

      fcea0e87641b47c22f6129d98e012cd6d7ad962a

    • SHA256

      579f27bb326b7eea45ad12844d68323c75ec860ca8c43c388aeab7cb338f20af

    • SHA512

      8ba47f1f4cdb4c54071bbc2b6193412e44a1157e796a33d87e9752660de1ff977a876c11694f573a55f327d7a69f4f62adc7353c0f3314d6f7a89d0ab7a803f0

    • SSDEEP

      49152:pxja+NvsFbEc6GhQz5Czl+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijn:ZG30G30G3K

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks