Overview

overview

10

Static

static

1

union_of_t...36).js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    union_of_taxation_employees_collective_agreement(5036).js

  • Size

    8.0MB

  • Sample

    240903-rezt6szemg

  • MD5

    61e1cf211d8b45d8c81d82cf730cdb57

  • SHA1

    3af236d430c30909e51e13adba9324f2fc6eeffe

  • SHA256

    40bf11617f4a9a957f7d8fab92e381ddb7c40b51f2f2004764a7a8eaf58ac376

  • SHA512

    30c43011dbbd15b7051b09eea6581cc20195bc5d1bd8d14df536cab1d9502b470b0f03dd0ccefac709561b68a8b10f005e768fddac6292db18ea37ae87908d11

  • SSDEEP

    49152:ghWsnL6rw7cWA/G/s+LfHQlhWsnL6rw7cWA/G/s+LfHQlhWsnL6rw7cWA/G/s+Lk:gcccccT

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      union_of_taxation_employees_collective_agreement(5036).js

    • Size

      8.0MB

    • MD5

      61e1cf211d8b45d8c81d82cf730cdb57

    • SHA1

      3af236d430c30909e51e13adba9324f2fc6eeffe

    • SHA256

      40bf11617f4a9a957f7d8fab92e381ddb7c40b51f2f2004764a7a8eaf58ac376

    • SHA512

      30c43011dbbd15b7051b09eea6581cc20195bc5d1bd8d14df536cab1d9502b470b0f03dd0ccefac709561b68a8b10f005e768fddac6292db18ea37ae87908d11

    • SSDEEP

      49152:ghWsnL6rw7cWA/G/s+LfHQlhWsnL6rw7cWA/G/s+LfHQlhWsnL6rw7cWA/G/s+Lk:gcccccT

    Score
    10/10
    gootloaderexecutionloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks