General

  • Target

    cefe81ea428bdb45033875b07539d8e77f6c55f3488838cf17033cb4f87f4399

  • Size

    9.3MB

  • Sample

    240924-gcagdsxdkb

  • MD5

    903fcfc5a11c336dfc5d9d881c2c8ac3

  • SHA1

    c21eaf136cf4bc6d3a7f17496b8c164920b5a9b5

  • SHA256

    cefe81ea428bdb45033875b07539d8e77f6c55f3488838cf17033cb4f87f4399

  • SHA512

    afa27bacd7335d7389c194c5aa4ea776cb46bb50418eb263095f260431eec2269764b5ad9943423c3c4e132c45605f7ed1a10e4c3360f24d8470e17f1757f48f

  • SSDEEP

    49152:W9canpP9w8LZ4WG/s+LfHQH9canpP9w8LZ4WG/s+LfHQH9canpP9w8LZ4WG/s+Lr:W777777q

Malware Config

Targets

    • Target

      cefe81ea428bdb45033875b07539d8e77f6c55f3488838cf17033cb4f87f4399

    • GootLoader

      JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence so the loader only runs in targeted regions.
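
    The two behavioural signatures above, shown as detection logic run over constructed Sysmon-style event lines. This is an added example written for this page, not code from the sandbox or from the GootLoader sample; the script-host process names, the log format, the sample lines, the IP addresses and the registry value names are assumptions for illustration. A process is flagged once for each behaviour, and a process that shows both (the geofence lookup followed by outbound traffic) is reported as a correlated hit; the same registry value read by explorer.exe is deliberately left alone, since the shell reads the user's location legitimately.

```python
"""Flag script hosts that read the configured country code and then make a
network request, over constructed Sysmon-style key=value event lines.
Added example for this page; not sandbox or sample code."""
import re

# Assumption: script hosts a JavaScript loader would run under, which a
# sandbox treats as "blocklisted" for outbound network activity.
BLOCKLISTED_PROCESSES = {"wscript.exe", "cscript.exe", "mshta.exe"}

# Windows keeps the user's configured location (GeoID / country name) under
# these values; reading them is the usual way to implement a country geofence.
GEO_REGISTRY_PATTERNS = (
    re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.I),
    re.compile(r"\\Control Panel\\International\\Geo\\Name$", re.I),
)

# Constructed sample log, not taken from the report. Values with spaces are quoted.
SAMPLE_EVENTS = [
    r'event=ProcessCreate image="C:\Windows\System32\wscript.exe" pid=4412 '
    r'cmdline="wscript.exe C:\Users\u\Downloads\agreement.js"',
    r'event=RegistryRead image="C:\Windows\System32\wscript.exe" pid=4412 '
    r'key="HKCU\Control Panel\International\Geo\Nation"',
    r'event=NetworkConnect image="C:\Windows\System32\wscript.exe" pid=4412 '
    r'dst="203.0.113.10:443"',
    r'event=NetworkConnect image="C:\Windows\System32\svchost.exe" pid=1180 '
    r'dst="203.0.113.20:443"',
    r'event=RegistryRead image="C:\Windows\explorer.exe" pid=2200 '
    r'key="HKCU\Control Panel\International\Geo\Nation"',
]

FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_event(line):
    """Parse one key=value line into a dict; quoted values keep their spaces."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in FIELD_RE.finditer(line)}


def image_name(path):
    """Basename of a Windows image path, lower-cased for comparison."""
    return path.rsplit("\\", 1)[-1].lower()


def detect(lines):
    """Return (signature, pid, detail) hits in log order.

    The geofence lookup is only flagged for script hosts: explorer.exe and
    other shell components read Geo\\Nation as part of normal operation.
    """
    hits = []
    for line in lines:
        ev = parse_event(line)
        name = image_name(ev.get("image", ""))
        kind = ev.get("event")
        if kind == "NetworkConnect" and name in BLOCKLISTED_PROCESSES:
            hits.append(("Blocklisted process makes network request",
                         int(ev["pid"]), f"{name} -> {ev.get('dst', '?')}"))
        elif (kind == "RegistryRead" and name in BLOCKLISTED_PROCESSES
              and any(p.search(ev.get("key", "")) for p in GEO_REGISTRY_PATTERNS)):
            hits.append(("Checks computer location settings",
                         int(ev["pid"]), f"{name} reads {ev['key']}"))
    return hits


def correlate(hits):
    """PIDs that both looked up the country code and then went out to the network."""
    seen = {}
    for sig, pid, _ in hits:
        seen.setdefault(pid, set()).add(sig)
    return {pid for pid, sigs in seen.items() if len(sigs) == 2}


if __name__ == "__main__":
    found = detect(SAMPLE_EVENTS)
    for sig, pid, detail in found:
        print(f"[{pid}] {sig}: {detail}")
    print("geofence-then-beacon PIDs:", sorted(correlate(found)))
```

The filter on `name in BLOCKLISTED_PROCESSES` for the registry read is the important design choice: without it the rule fires on every logon, because the shell reads the same value. In a real deployment the set of flagged parents would come from process-tree context rather than a fixed name list.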

MITRE ATT&CK Enterprise v15

Tasks