General

  • Target

    union_of_taxation_employees_collective_agreement19793.js

  • Size

    3.9MB

  • Sample

    241014-n4x54avbpf

  • MD5

    5d9834e74e7cbbb4a085435b764c7e90

  • SHA1

    a66ff6625f9b7d72e09da4d6e3aabea085be801b

  • SHA256

    7332d16a2078e910b20382a7e8c429a9cc5f83050f2bd14c8539140483802d8f

  • SHA512

    33f36a600ffb336a93891ca159b72048c2b3fbf5cb42c5b2c094d555d6f40538ae359cfe1d07d3dc90fe17bd739c6fd447e9f53021bcf784831d5c5f1c8d637a

  • SSDEEP

    24576:b175xd0GGB7NQPV9LR175xd0GGB7NQPV9LR175xd0GGB7NQPV9LZ:b1pEKPV9N1pEKPV9N1pEKPV9l

Malware Config

Targets

    • Target

      union_of_taxation_employees_collective_agreement19793.js

    • Size

      3.9MB

    • MD5

      5d9834e74e7cbbb4a085435b764c7e90

    • SHA1

      a66ff6625f9b7d72e09da4d6e3aabea085be801b

    • SHA256

      7332d16a2078e910b20382a7e8c429a9cc5f83050f2bd14c8539140483802d8f

    • SHA512

      33f36a600ffb336a93891ca159b72048c2b3fbf5cb42c5b2c094d555d6f40538ae359cfe1d07d3dc90fe17bd739c6fd447e9f53021bcf784831d5c5f1c8d637a

    • SSDEEP

      24576:b175xd0GGB7NQPV9LR175xd0GGB7NQPV9LR175xd0GGB7NQPV9LZ:b1pEKPV9N1pEKPV9N1pEKPV9l

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks