Overview

overview

10

Static

static

1

pa collect...468.js

windows10-2004-x64

10

Resubmissions

11-06-2024 13:36

240611-qwfbesygqq 10

11-06-2024 13:23

240611-qm1k1ayeqj 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    pa collective agreement pay 10468.js

  • Size

    4.4MB

  • Sample

    240611-qwfbesygqq

  • MD5

    814bf485244ee7746eb4802fcf3da2c7

  • SHA1

    24521e7d7df3e2492bfa2235c1f75c350bdd6310

  • SHA256

    4b0a1be15c66a9bdd8a2bf53a26a9973b6ef6adad3f90478be6d4b76e3e962f9

  • SHA512

    673d3d685be86bc41306ae5ea5fc7fa9542e3151f43231a1eb3beecf3deaf47f653d52a1994f12e56d9e7d9f441c8552c68d07b61af0099ce726c4750791c9ec

  • SSDEEP

    49152:IytwpCQK+v2ytwpCQK+v2ytwpCQK+v2ytwpCQK+vp:v

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      pa collective agreement pay 10468.js

    • Size

      4.4MB

    • MD5

      814bf485244ee7746eb4802fcf3da2c7

    • SHA1

      24521e7d7df3e2492bfa2235c1f75c350bdd6310

    • SHA256

      4b0a1be15c66a9bdd8a2bf53a26a9973b6ef6adad3f90478be6d4b76e3e962f9

    • SHA512

      673d3d685be86bc41306ae5ea5fc7fa9542e3151f43231a1eb3beecf3deaf47f653d52a1994f12e56d9e7d9f441c8552c68d07b61af0099ce726c4750791c9ec

    • SSDEEP

      49152:IytwpCQK+v2ytwpCQK+v2ytwpCQK+v2ytwpCQK+vp:v

    Score
    10/10
    gootloaderexecutionloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

JavaScript

1
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks