SWIFTJSDropper
Danish-language obfuscated JavaScript dropper. SWIFT Payment Receipt financial lure. Gootloader-like technique. Marveu003d[132,126,104,81] encoded payload. landsretssagfrerne, Uforstaaelighedernes Danish deception strings. WScript. Shell delivery.
Threat Profile
Type
Other
Programming LanguageJavaScript
C2 ProtocolHTTP/WScript
First Seen2025
Targets
Kuzey Avrupa/Küresel
Purpose / Capabilities
- JS Dropper/Payload Delivery
No C2 servers have been identified for this family yet.
Research Reports (1)
SWIFTJSDropper af743f03 -- SWIFT Payment Receipt Finansal Lur, Danca Obfuske Yorumlar Gootloader Benzeri, Marve Dizi Kodlu Payload, Landsretssagfrerne Aldatma Dizeleri | Orta
SWIFTJSDropper af743f03 ASCII text 354KB JavaScript. SWIFT Payment Receipt finansal lur. Danca obfuske yorumlar Gootloader benzeri. Marve=[132,126,104,81] dizi kodlu payload.
Read Report →