SWIFTJSDropper

Danish-language obfuscated JavaScript dropper. SWIFT Payment Receipt financial lure. Gootloader-like technique. Marveu003d[132,126,104,81] encoded payload. landsretssagfrerne, Uforstaaelighedernes Danish deception strings. WScript. Shell delivery.

Threat Profile
Type Other
Programming LanguageJavaScript
C2 ProtocolHTTP/WScript
First Seen2025
Targets Kuzey Avrupa/Küresel
Purpose / Capabilities
  • JS Dropper/Payload Delivery
No C2 servers have been identified for this family yet.

Research Reports (1)

Medium

SWIFTJSDropper af743f03 -- SWIFT Payment Receipt Finansal Lur, Danca Obfuske Yorumlar Gootloader Benzeri, Marve Dizi Kodlu Payload, Landsretssagfrerne Aldatma Dizeleri | Orta

SWIFTJSDropper af743f03 ASCII text 354KB JavaScript. SWIFT Payment Receipt finansal lur. Danca obfuske yorumlar Gootloader benzeri. Marve=[132,126,104,81] dizi kodlu payload.

Read Report →