Overview

overview

10

Static

static

1

pa collect...201.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    pa collective agreement pay 31201.js

  • Size

    13.9MB

  • Sample

    240701-qn2vfsxdrj

  • MD5

    1c4259062faaac20eb7588c43b41b67a

  • SHA1

    9c58d602fd7cbf72ed5e956160e4047d58b98194

  • SHA256

    9b2e8b3f7a126a2e0d6bfadf984979189a6510cbfabf4f50f4880d7e4cbea119

  • SHA512

    6da1fc9295aa096330bae9ca11f34b29bec0cd3eb1b0f407c9b5230a604ea7673862860462c7ada45a1a777ff662525de6fc0bf9efdef2608929b7dd0d1ee268

  • SSDEEP

    49152:/tLF08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDmtLF08dPXWR4ba/Jw:Zkc43mbkc43mbkc43ml

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      pa collective agreement pay 31201.js

    • Size

      13.9MB

    • MD5

      1c4259062faaac20eb7588c43b41b67a

    • SHA1

      9c58d602fd7cbf72ed5e956160e4047d58b98194

    • SHA256

      9b2e8b3f7a126a2e0d6bfadf984979189a6510cbfabf4f50f4880d7e4cbea119

    • SHA512

      6da1fc9295aa096330bae9ca11f34b29bec0cd3eb1b0f407c9b5230a604ea7673862860462c7ada45a1a777ff662525de6fc0bf9efdef2608929b7dd0d1ee268

    • SSDEEP

      49152:/tLF08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDmtLF08dPXWR4ba/Jw:Zkc43mbkc43mbkc43ml

    Score
    10/10
    gootloaderexecutionloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

JavaScript

1
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks