General
-
Target
union_of_taxation_employees_collective_agreement(88998).js
-
Size
5.3MB
-
Sample
240918-pbs64szcqd
-
MD5
32e8b0c3d5675dba6a372c2998e9b55e
-
SHA1
13c19a612f8671a4c6c4e7f37483c0e5e5d4bb43
-
SHA256
1f3338dbeda08ff5b4176790ad720f160e0435d3283c53b1393dd86c3fb051a0
-
SHA512
bee58ff3db81361eb203d961c575e56085621a3fe6348094c8b07e35b7066f0b5499ceec31cb9357070bb9b3678e6f549eeb8f3fd3ed5c80bc73492c837c9735
-
SSDEEP
49152:xkfcnNhkwrcfqcGUs+LfHQekfcnNhkwrcfqcGUs+LfHQekfcnNhkwrcfqcGUs+LI:xuuu+
Static task
static1
Behavioral task
behavioral1
Sample
union_of_taxation_employees_collective_agreement(88998).js
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
union_of_taxation_employees_collective_agreement(88998).js
-
Score
10/10
-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-