General

  • Target

    union_of_taxation_employees_collective_agreement(46508).js

  • Size

    9.3MB

  • Sample

    240912-nz36jstfrk

  • MD5

    d7000b36225b7029ba2b4b60740509ce

  • SHA1

    7d173ae7775b24be2f84047d0a6e15b3874878d0

  • SHA256

    0c13ee253e4413e43fd053b49b014d30b66a921aa3dbaecfaa1797e3e0241368

  • SHA512

    1674e0c46b9e44e65eccdaa827ad7c4b8b8cdb95d7168c8639594b356ac84093656200edd9d4658269191369d8b583371792a0dd10fff8dc5d39d82a44bf201e

  • SSDEEP

    49152:19y4nBjOwE9VTXa/s+LfHQI9y4nBjOwE9VTXa/s+LfHQI9y4nBjOwE9VTXa/s+L7:1DDDDDDt

Malware Config

Targets

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15