Overview

overview

10

Static

static

1

AUDITP~1.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AUDITP~1.JS

  • Size

    45.0MB

  • Sample

    250220-12l19swmc1

  • MD5

    d979ea4b15f2a4199cd037060f7c4151

  • SHA1

    c5396547c9b0d1f71cb1926db8e77076fe2314e0

  • SHA256

    845755e0392c03567f0cd0957813892ee79afd1f706c4b58b8836bfaf981bd42

  • SHA512

    7c4776a407be48bb20d6c57b552befce2d9863664a2b88b9c36d0cd5c7ed98d278643d355987fc5c779921464615df666724c3c8c5216825f1b47d1e6fe95b1c

  • SSDEEP

    49152:oHtfcHV+yVQNxQY6yU4YyJSi6kowlTFS/d16oICBYB6PGu5HTJt8uZQixQh9t+eN:y

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      AUDITP~1.JS

    • Size

      45.0MB

    • MD5

      d979ea4b15f2a4199cd037060f7c4151

    • SHA1

      c5396547c9b0d1f71cb1926db8e77076fe2314e0

    • SHA256

      845755e0392c03567f0cd0957813892ee79afd1f706c4b58b8836bfaf981bd42

    • SHA512

      7c4776a407be48bb20d6c57b552befce2d9863664a2b88b9c36d0cd5c7ed98d278643d355987fc5c779921464615df666724c3c8c5216825f1b47d1e6fe95b1c

    • SSDEEP

      49152:oHtfcHV+yVQNxQY6yU4YyJSi6kowlTFS/d16oICBYB6PGu5HTJt8uZQixQh9t+eN:y

    Score
    10/10
    gootloaderexecutionloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Gootloader family

      gootloader

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks