General
Target: advantages_and_disadvantages_of_framework_agreements61632.zip
Size: 1.1MB
Sample: 241016-xnbftszgjq
MD5: 24114b28d2adab57c06b22e0ae59fc05
SHA1: 5d77b862448b16156febbf9170b3fb044fdbede7
SHA256: c024fd9d78c0f6e19b716600225d2dd97c9b32e7585c53f854fe214cf1d65c3f
SHA512: 1317dccca6a2eac591d40bdba109d154ce561b328254abb8b28a738cabe7f5461913784e1ff9c876126a1af7ad2130a6b31f9cc025eceee9ad137170dc123a80
SSDEEP: 24576:mfh3QyLoWecui2XKruwPB9eNBJglbJrg0oRAJuV0npVqF/:Kh3Dfemt5PGHGl7nJnnpVc/
Static task: static1
Behavioral task: behavioral1
Sample: advantages_and_disadvantages_of_framework_agreements(61632).js
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: advantages_and_disadvantages_of_framework_agreements(61632).js
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: advantages_and_disadvantages_of_framework_agreements(61632).js
Size: 5.1MB
MD5: b1b03f3c9310cff3e830b9d3abebd5c4
SHA1: c9c72acc103a6ee6d51f2d71624fe578cbe84e04
SHA256: 91d64d6f9153c8fc00d48a9e2ba0f945920f8e18ef2cd3d46d8ef022ce7d8483
SHA512: c6dcbf8ee8db4256ff7ad16da56e041be75c9ef9ef3b8a7dc7603bfe80917578cdb20c3bf783fc774073d781dd449be88e56359f715ae05b685625275d8687ba
SSDEEP: 49152:8MRKvMLPV9yMRKvMLPV9yMRKvMLPV9yMRKvMLPV9l:N9PVB9PVB9PVB9PVD
Score: 10/10
GootLoader: JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.