General
Target: cefe81ea428bdb45033875b07539d8e77f6c55f3488838cf17033cb4f87f4399
Size: 9.3MB
Sample: 240923-n75z4szblf
MD5: 903fcfc5a11c336dfc5d9d881c2c8ac3
SHA1: c21eaf136cf4bc6d3a7f17496b8c164920b5a9b5
SHA256: cefe81ea428bdb45033875b07539d8e77f6c55f3488838cf17033cb4f87f4399
SHA512: afa27bacd7335d7389c194c5aa4ea776cb46bb50418eb263095f260431eec2269764b5ad9943423c3c4e132c45605f7ed1a10e4c3360f24d8470e17f1757f48f
SSDEEP: 49152:W9canpP9w8LZ4WG/s+LfHQH9canpP9w8LZ4WG/s+LfHQH9canpP9w8LZ4WG/s+Lr:W777777q
Static task: static1
Behavioral task: behavioral1
Sample: cefe81ea428bdb45033875b07539d8e77f6c55f3488838cf17033cb4f87f4399.js
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: cefe81ea428bdb45033875b07539d8e77f6c55f3488838cf17033cb4f87f4399.js
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: cefe81ea428bdb45033875b07539d8e77f6c55f3488838cf17033cb4f87f4399
Score: 10/10
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.