General

  • Target

    10_basic_rule_of_subject_verb_agreement87124.zip

  • Size

    1.1MB

  • Sample

    241008-rwg1pavcpg

  • MD5

    26a3ceabfde92d64b6a178c402535f88

  • SHA1

    02a0ead186e5d7a78fa217acb386ded9d8e7088b

  • SHA256

    911b23f2c029209e96a584c5261e9ad6c5e9851e5ba979279c72ad5ccc9a85e8

  • SHA512

    a605826c3c6d8f217b0e0268f75354e3a023c82ac4e26ea78ca886ecd2bf161cc218258ee340a8c66526e30e746805a602655633b55bb9c25db297ac779bb257

  • SSDEEP

    24576:mqkmK4WM+/uT/YHkuEZgMB8RNku1s17V2dpAC0g+QuMbmQFMgWhMtft:m3NWTQHKtiNF1sMzZmAW+ft

Targets

    • Target

      10_basic_rule_of_subject_verb_agreement(87124).js

    • Size

      5.1MB

    • MD5

      4a5c8aa058a41677ad77b9da11d245cd

    • SHA1

      73d4b3691217109a3a640d9c8a0a646d17c10238

    • SHA256

      8820963b2d91e1ed6888fc504bf97a4f448db2a7c7457865f8e95693db3deece

    • SHA512

      e1db0bc4737972b96bbb3ab309a788cbb9c6290cb67aaa0459bc900f15d2f3a82edb6fbc7bb6526a3d5ab089a601565ac72ddb2d59bdcfe04c0362c45c66d99e

    • SSDEEP

      49152:LkFp0oPV9lkFp0oPV9lkFp0oPV9lkFp0oPV9l:oPVEPVEPVEPVD

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.