General

  • Target

    union_of_taxation_employees_collective_agreement(30333).js

  • Size

    5.1MB

  • Sample

    241008-n6gk5awapm

  • MD5

    68d5f06d37896d74c70eab339eed2df4

  • SHA1

    fc263354c56ef34a4c2aeeeaa120370f9718b604

  • SHA256

    f33dea6a02b9b5ab53aac1d1b77d22154516117f675100453587258a4496b970

  • SHA512

    1e787d16277321a55fe60a569d334f00a2349242473ecacf35a591851abed6e69b0f7931ae0cd88e42f8f1e6a4525a3f3b3efd41071a0cf81068a183e5023508

  • SSDEEP

    49152:rzhU3PV9tzhU3PV9tzhU3PV9tzhU3PV9l:+PVqPVqPVqPVD

Malware Config

Targets

    • GootLoader

      JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

MITRE ATT&CK Enterprise v15

Tasks