General

  • Target

    43f61aec192f7cca8926df1336b05f8402d92514bd226ba0f6594b550b1faa12-27March2025.zip

  • Size

    2.4MB

  • Sample

    250326-1279hawlz9

  • MD5

    bb945654ffd93b36401dc5754082961f

  • SHA1

    168dd71d151bac8d2098c66c301226161faff0e7

  • SHA256

    75816e07ba8ddb18c9bdbb04cfb4b506b31eb83cd6573943b3ca46446353dc13

  • SHA512

    41ec47e67c58e82e3a16d1bfb516c1343682d213ad19915d485706b8f621b1c858dd80ccb85e9c9207d9b2caad2ac69ffbffa5f615f751c19ef4f577cbdb8a61

  • SSDEEP

    49152:itJRPNCX+QkqFcjHKWo75CAl/tYpUNW74sxK4v/NptRFTKYJg3:itzPAkqF4qWEgA9excENb/T83

Malware Config

Targets

    • Target

      template letter to cancel service contract 10094.js

    • Size

      13.9MB

    • MD5

      98ea723de2f4ce7c0ce6083bee82168c

    • SHA1

      345780ed928b6b21b951a8c57fbd1daa21b86a0a

    • SHA256

      5ab7c599252ac1c908edcbeb408e12c6398330a91bab4a21fc853731ecb4f7b1

    • SHA512

      6fa08f38b7131080685ca7511db874e5a0a246ff2613f39aa31d9ee6f1d4cc1a43acc07b8725885aff70739791ebbd7485e8266f74cbfd9de0cdb7e641623ff0

    • SSDEEP

      49152:hyd08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDwyd08dPXWR4ba/JOt4:1c43mvc43mvc43ml

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobalt Strike.

    • Gootloader family

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks