Overview

overview

10

Static

static

1

ORIGINAL-I...749.js

windows7-x64

3

ORIGINAL-I...749.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ORIGINAL-Investigation-cancellationofcontractletterformat98749.js

  • Size

    844KB

  • Sample

    250220-znz6aswpw3

  • MD5

    90e6da66dd2f4a6e5758a96d238db42a

  • SHA1

    febc0ca2102b8d97dc6ba7d4399dde1e7a9c18b1

  • SHA256

    d14c42b8258c8a642a6d4b19791b5f0d046fa2811ca06beb34c088812bbeb454

  • SHA512

    c22e9920752f017334ce17bae3ddbd48eb47901add7416a1671160646908fa47830de204baca95d3279da5c73c052bb0ed7bc6fb1a3a63cf2e67ae5bf54e971b

  • SSDEEP

    24576:7WCgo+ogQc5WfNnZmD/nFKJqfJMeHD1jEOWpyQTJEFNE3NEr:7WCgo+ogQc5WfNnZmD/nAJqfnbWpyQTK

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      ORIGINAL-Investigation-cancellationofcontractletterformat98749.js

    • Size

      844KB

    • MD5

      90e6da66dd2f4a6e5758a96d238db42a

    • SHA1

      febc0ca2102b8d97dc6ba7d4399dde1e7a9c18b1

    • SHA256

      d14c42b8258c8a642a6d4b19791b5f0d046fa2811ca06beb34c088812bbeb454

    • SHA512

      c22e9920752f017334ce17bae3ddbd48eb47901add7416a1671160646908fa47830de204baca95d3279da5c73c052bb0ed7bc6fb1a3a63cf2e67ae5bf54e971b

    • SSDEEP

      24576:7WCgo+ogQc5WfNnZmD/nFKJqfJMeHD1jEOWpyQTJEFNE3NEr:7WCgo+ogQc5WfNnZmD/nAJqfnbWpyQTK

    Score
    10/10
    executiongootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Gootloader family

      gootloader

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks