General

  • Target

    union_of_taxation_employees_collective_agreement(70741).js

  • Size

    3.9MB

  • Sample

    241004-n4242sserk

  • MD5

    21584a643666c13aa114ebac576086a4

  • SHA1

    c3c44af9ad5eff0677e20d3ee51ff573123b268d

  • SHA256

    8dc7a16681b340165f395d2f624307ab0bbb05671dbf2e0d4a8f418d4730e188

  • SHA512

    8db79be4c2a21c13d3eb66316c7146b36a1ff06f590a8a13df38822cc922b1739463611b0ab1b64d45ccf2cf2da30d0cadf0cbe0b2d30b906791ff4ec63a2d6d

  • SSDEEP

    24576:97Q5xcYozTt6QPV9LP7Q5xcYozTt6QPV9LP7Q5xcYozTt6QPV9LZ:97lzT1PV9r7lzT1PV9r7lzT1PV9l

Targets

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.
