General

  • Target

    union_of_taxation_employees_collective_agreement13780.js

  • Size

    6.4MB

  • Sample

    241009-p7489avdln

  • MD5

    7b01e48178b20f98a7044be8e9fba8e3

  • SHA1

    18220e55b120e47fbbd04bd2515e07e57b1afc04

  • SHA256

    420aa512b3478fd7245746384258ea221887ee6bcec21c96ddfda0123e838763

  • SHA512

    d124ba79d22c1e284fdd58f210a8245206a368b8232611e9d16cef51a78b427963dde15f1f570c87c591957a4df31e4ebfa310a23f56cbb22f4c081a288caf94

  • SSDEEP

    49152:wsWOuJPV9qsWOuJPV9qsWOuJPV9qsWOuJPV9qsWOuJPV9l:XmPVzmPVzmPVzmPVzmPVD

Malware Config

Targets

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15

Tasks