General

  • Target

    government_of_bc_collective_agreement(6869).js

  • Size

    9.9MB

  • Sample

    240823-pvfecstgre

  • MD5

    e126b8b2c40d071b99abbc670d6b1ce7

  • SHA1

    41218971f1c79fab64fc08f1ca7ff8fbb31abe53

  • SHA256

    1979602a4985a955246d865edda201643b5047a288c1d09e73c724e833aca4c5

  • SHA512

    32be2d9db83bd25a21bf2cf389fd555748b220ada4bc19a2d59463be4fc9171c18ef6e0e4d456ae93fc7eaef7eb33e80d6820603b7476032e100a9506604e212

  • SSDEEP

    49152:Zck/+UbFbEc6GhQ25Cql+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijsj:53M3M3M3K

Targets

    • GootLoader

      JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.
