General

  • Target

    union_of_taxation_employees_collective_agreement(91261).js

  • Size

    3.9MB

  • Sample

    241010-py3n3a1fnr

  • MD5

    1b2e12bf789168b5ecc30245aec3ca59

  • SHA1

    96df0b8f90bbaca7f258e936ec6df9d95a7edd84

  • SHA256

    cb0c8346a11ad1407a6b70c52876b4c078533ea6f6ae38202d2e6a223d116b7a

  • SHA512

    089f2509579f778bad623cf34c805fe6290a299a9c88a92c384bed21773ea74a437f6d042ef05eac17200897a4bdb7b7e8a789e7c2f7248b929a514a38be6724

  • SSDEEP

    24576:SS35xMA0FsCQPV9LwS35xMA0FsCQPV9LwS35xMA0FsCQPV9LZ:SSsFSPV9kSsFSPV9kSsFSPV9l

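The SSDEEP value above is worth a second look before moving on: its block hash is not random-looking but a run of the same characters repeated three times ("S35xMA0FsCQPV9L" in the first hash, "SsFSPV9" in the second). Each character of an ssdeep signature encodes one context-triggered chunk of the file, so a repeated run means the same sequence of content chunks recurs in the file, i.e. much of the 3.9MB body is repeated data rather than unique code. The script below is an added example, not part of the sandbox report; it parses the report's signature (copied inline) and finds the longest block-hash substring that recurs at least three times. The helper names are my own.

```python
"""Inspect an ssdeep (CTPH) signature for repeated block-hash runs.

Added example, not part of the sandbox report. It operates on the SSDEEP
signature printed in the report above; helper names are assumptions.
"""
from typing import Optional, Tuple

# Signature copied from the report's SSDEEP field.
REPORT_SSDEEP = (
    "24576:SS35xMA0FsCQPV9LwS35xMA0FsCQPV9LwS35xMA0FsCQPV9LZ"
    ":SSsFSPV9kSsFSPV9kSsFSPV9l"
)


def parse_ssdeep(signature: str) -> Tuple[int, str, str]:
    """Split 'blocksize:hash1:hash2' into its three parts.

    hash1 is computed with the stated block size, hash2 with twice that
    size; each character encodes one context-triggered chunk of the file.
    """
    block_size, hash1, hash2 = signature.split(":", 2)
    return int(block_size), hash1, hash2


def longest_repeated_run(block_hash: str, min_repeats: int = 3,
                         min_len: int = 4) -> Optional[Tuple[str, int]]:
    """Return (substring, count) for the longest substring of block_hash
    that occurs at least min_repeats times without overlapping, or None.

    A long substring recurring several times means the same sequence of
    content chunks recurs in the file: its bulk is repeated data.
    """
    n = len(block_hash)
    # Longest possible candidate that can still fit min_repeats times.
    for length in range(n // min_repeats, min_len - 1, -1):
        for start in range(0, n - length + 1):
            candidate = block_hash[start:start + length]
            count = block_hash.count(candidate)  # non-overlapping count
            if count >= min_repeats:
                return candidate, count
    return None


def repeated_content_report(signature: str) -> dict:
    """Summarise repetition in both halves of an ssdeep signature.

    'coverage' is the fraction of the block hash taken up by the repeated run.
    """
    block_size, hash1, hash2 = parse_ssdeep(signature)
    result = {"block_size": block_size, "hash1": hash1, "hash2": hash2}
    for name, h in (("hash1", hash1), ("hash2", hash2)):
        run = longest_repeated_run(h)
        result[name + "_run"] = run
        result[name + "_coverage"] = (len(run[0]) * run[1] / len(h)) if run else 0.0
    return result


if __name__ == "__main__":
    r = repeated_content_report(REPORT_SSDEEP)
    for key in ("block_size", "hash1_run", "hash1_coverage", "hash2_run", "hash2_coverage"):
        print(f"{key}: {r[key]}")
```

Run against the report's value, the first block hash yields the 15-character run three times (45 of 49 characters) and the second the 7-character run three times (21 of 25). Treat this as a triage hint, not proof: it tells you the file contains the same content several times over, which is consistent with a script padded out with repeated filler, and it also means ssdeep comparisons between such samples will score high on the filler rather than on the loader logic. Confirm against the file itself before relying on it.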
Malware Config

Targets

    • Target

      union_of_taxation_employees_collective_agreement(91261).js

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15

Tasks