General
-
Target
Dr. Lalusin-form_cheque_request_ff-NRGH-Site Visit.js
-
Size
281KB
-
Sample
241105-j8fdmaxkbv
-
MD5
710137b0c23b5aeab171afcde3098416
-
SHA1
7acab22c5c54d9ed4db06e0baf882b6da3e34f05
-
SHA256
12151d0287a0c4974d42aef01f5f6f35dd69021ffe4d01adb804962d423534d4
-
SHA512
55456ecd1e3485c073cae90a7aafe78b9082542efba7ba5dda246a9685c202763c2d5a01f32e9d9b32b13fe90cc9e5e81b21e02be5a064cbfd5d5dc0ba30ea24
-
SSDEEP
6144:he3Ih6n3cpC1ywXTgjL64OfbsD5QHFmnIIJF28s8OvMIcI1fEZaATRZtr:h+D4OfsqFmu8TMMO1fEZaATtr
Static task
static1
Behavioral task
behavioral1
Sample
Dr. Lalusin-form_cheque_request_ff-NRGH-Site Visit.js
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Dr. Lalusin-form_cheque_request_ff-NRGH-Site Visit.js
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Dr. Lalusin-form_cheque_request_ff-NRGH-Site Visit.js
-
Size
281KB
-
MD5
710137b0c23b5aeab171afcde3098416
-
SHA1
7acab22c5c54d9ed4db06e0baf882b6da3e34f05
-
SHA256
12151d0287a0c4974d42aef01f5f6f35dd69021ffe4d01adb804962d423534d4
-
SHA512
55456ecd1e3485c073cae90a7aafe78b9082542efba7ba5dda246a9685c202763c2d5a01f32e9d9b32b13fe90cc9e5e81b21e02be5a064cbfd5d5dc0ba30ea24
-
SSDEEP
6144:he3Ih6n3cpC1ywXTgjL64OfbsD5QHFmnIIJF28s8OvMIcI1fEZaATRZtr:h+D4OfsqFmu8TMMO1fEZaATtr
Score10/10-
GootLoader
JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
-
Gootloader family
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-