Overview

overview

10

Static

static

1

POWERP~1.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    POWERP~1.JS

  • Size

    44.9MB

  • Sample

    241123-qgkmla1rfp

  • MD5

    b4ee7e42307d0c7219a8105c041970d0

  • SHA1

    c69a94af010cb5c313aca4f6a43a9c7e55be29fe

  • SHA256

    41d2de93dca3faab22eb1a026e35690ced910487a3fb61030de78856708c0e89

  • SHA512

    85a2300ecc545bbf971fcd18bcd7b81e8af55f62ad011eb35fad946ec6bc2023902f3cd59e0ea23fe8e956e3f94497ceea3bea9a11402e0c083916f6b602b85c

  • SSDEEP

    49152:/rQND+OCKvCTGRJ2FbGrN13FE7YI6ZllNMdHFSfJgnH+Gql39heu0v+2A6ZFbilo:/5

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      POWERP~1.JS

    • Size

      44.9MB

    • MD5

      b4ee7e42307d0c7219a8105c041970d0

    • SHA1

      c69a94af010cb5c313aca4f6a43a9c7e55be29fe

    • SHA256

      41d2de93dca3faab22eb1a026e35690ced910487a3fb61030de78856708c0e89

    • SHA512

      85a2300ecc545bbf971fcd18bcd7b81e8af55f62ad011eb35fad946ec6bc2023902f3cd59e0ea23fe8e956e3f94497ceea3bea9a11402e0c083916f6b602b85c

    • SSDEEP

      49152:/rQND+OCKvCTGRJ2FbGrN13FE7YI6ZllNMdHFSfJgnH+Gql39heu0v+2A6ZFbilo:/5

    Score
    10/10
    gootloaderexecutionloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Gootloader family

      gootloader

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks