General

  • Target

    union_of_taxation_employees_collective_agreement(58886).js

  • Size

    9.3MB

  • Sample

    240909-qwnb2ashqa

  • MD5

    25f77f707f73fa2834d2e19a9cabd9db

  • SHA1

    826949de3bfc79ebe179481c0528f43dffee4d74

  • SHA256

    f080d2cca20366f85b97d77ec9f452bd3e14da61a69f618d86a224caebab66fb

  • SHA512

    2711098d3ea183febcb4f18d61c619e421e45ccf07196dfad7b99a1ab8c61bb7afa8c999138e8e77cf881638cb8cb2e46daa61755a2f2801fad416b095106647

  • SSDEEP

    49152:5okJnhuzwccTPYG/s+LfHQGokJnhuzwccTPYG/s+LfHQGokJnhuzwccTPYG/s+L7:5JJJJJJX

Targets

    • Target

      union_of_taxation_employees_collective_agreement(58886).js

    • Size

      9.3MB

    • GootLoader

      JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

MITRE ATT&CK Enterprise v15
