General
-
Target
water escrow agreement 77912.js
-
Size
19.3MB
-
Sample
241017-rqmc8a1bqg
-
MD5
67da9c54b9fba4ded6d308dde26f8ff8
-
SHA1
6c67286c6f33e2110e3db8c8240a491506313668
-
SHA256
9149f8b2afe9f24692b628c0c014ccbcccb7b54561e4ab544656c83164a3f279
-
SHA512
11a3070294d948c716a0a6321f1c7967c31a09117b61f022537fb98f4849f10c0f6f3357438165efed937b25679d85f9be19f5204610ed0476c6eab525974d9d
-
SSDEEP
49152:j7BRzjCxbUqHlp4nv5N0+ChM/5bzSYzYBBji+8j3d3O6/+PQGoI13qu2FJEYcE2W:X
Static task
static1
Behavioral task
behavioral1
Sample
water escrow agreement 77912.js
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
water escrow agreement 77912.js
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
water escrow agreement 77912.js
Score
10/10
-
GootLoader
JavaScript loader known for delivering other malware families such as Gootkit and Cobalt Strike.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-