General

  • Target

    46809b2974a9f6e54502095f81fa1ea45db0670cabff2769e495ce24525b201a.js

  • Size

    8.0MB

  • Sample

    240925-b27wasxcpq

  • MD5

    5c0f1cf13dbeea07797df26039253965

  • SHA1

    2799006c6a819c88922788e631d774975d56b252

  • SHA256

    46809b2974a9f6e54502095f81fa1ea45db0670cabff2769e495ce24525b201a

  • SHA512

    486b571963c9b40023caf43325613c6a4b28ec48dccc74f1e1b6ceaf2ded1ef11daf7e774128614de9d896ff91fa8e84f976bc8e55629963f70d3b1eff16b55f

  • SSDEEP

    49152:l49cXRna4lwacW94G/s+LfHQa49cXRna4lwacW94G/s+LfHQa49cXRna4lwacW9n:lvtvtvtvtvtv/

Malware Config

Targets

    • Target

      46809b2974a9f6e54502095f81fa1ea45db0670cabff2769e495ce24525b201a.js

    • Size

      8.0MB

    • MD5

      5c0f1cf13dbeea07797df26039253965

    • SHA1

      2799006c6a819c88922788e631d774975d56b252

    • SHA256

      46809b2974a9f6e54502095f81fa1ea45db0670cabff2769e495ce24525b201a

    • SHA512

      486b571963c9b40023caf43325613c6a4b28ec48dccc74f1e1b6ceaf2ded1ef11daf7e774128614de9d896ff91fa8e84f976bc8e55629963f70d3b1eff16b55f

    • SSDEEP

      49152:l49cXRna4lwacW94G/s+LfHQa49cXRna4lwacW94G/s+LfHQa49cXRna4lwacW9n:lvtvtvtvtvtv/

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks