General
Target: union_of_taxation_employees_collective_agreement(72460).js
Size: 10.3MB
Sample: 241004-p1rdtayfrc
MD5: 5e8afdcc772982b1d39f3dce21b9587b
SHA1: 06614f068cc83c71919b8727a8d6a77ddd174640
SHA256: 1254f254b9dc83ad59c3bee2c0a2b2650f54783db6025f787009cb5ecd550397
SHA512: d37e374809d432031631983c421578ad82707d94bea6cc4ed4751901f4dd77131800271e42e679daad5ba2418d0adb082807bd62238e885f923fbe84de52855d
SSDEEP: 98304:ysPVesPVesPVesPVesPVesPVesPVesPVD:y9999999w
Static task: static1
Behavioral task: behavioral1
Sample: union_of_taxation_employees_collective_agreement(72460).js
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: union_of_taxation_employees_collective_agreement(72460).js
Score: 10/10
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.
Blocklisted process makes network request
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.