General

  • Target

    union_of_taxation_employees_collective_agreement(1221).js

  • Size

    6.6MB

  • Sample

    240826-p99azsvejc

  • MD5

    34f06cd100200cf81423154f1c01f5e7

  • SHA1

    d87002785018e66d70208009c9ec57bc9f355cda

  • SHA256

    44685df5ca98e5f6849ea129bc8c879428eb796ac29547c577d5a4701495d494

  • SHA512

    f1ff91c7a9116bf5a961ccd5a030652e55d5ca70941af7b186f85df5e097cb09d4f1d8851c5a1310f0b5904c3e2823fa78e1388f5c5b50bc66f2fce0ac621a97

  • SSDEEP

    49152:PixpnRnywhVq1NG/s+LfHQ+ixpnRnywhVq1NG/s+LfHQ+ixpnRnywhVq1NG/s+LJ:PKKKKy

Malware Config

Targets

    • GootLoader

      JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15

Tasks