gootloader | c254d2ade6ce2ec380c69d7efcc2ebb64a533eb2c8cd8714b8c091a983477bc1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

Travelers_...pk).js

windows7-x64

8

Travelers_...pk).js

windows10-2004-x64

Sharing

General

Target

15-Travelers waiver of probate and agreement of indemnity exhibit c (67184).zip.7z
Size

98KB
Sample

221012-qlgrhadfbq
MD5

10236baaf7bca7dd9f4e455c9e356a75
SHA1

90883cf0d7cf0a53f269ac8a29b38a0e230d0faf
SHA256

c254d2ade6ce2ec380c69d7efcc2ebb64a533eb2c8cd8714b8c091a983477bc1
SHA512

b7b34717605c3d10c30c50b8663bf81b032e058d3d109e352db74099ae8a9e2bd8864340f5885cd33bda81c6809ebfb3be267911f697b0323c8b18095e72116f
SSDEEP

3072:Fqtfm1rDCaJBzHxzwmhIcyiQKZonBVXcPaezA:drDCaTRvd4qiVXcPa

Score

10^/10

gootloader loader

Static task

static1

Behavioral task

behavioral1

Sample

Travelers_waiver_of_probate_and_agreement_of_indemnity_exhibit_c (mfypk).js

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

Travelers_waiver_of_probate_and_agreement_of_indemnity_exhibit_c (mfypk).js

Resource

win10v2004-20220901-en

gootloader loader

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  Travelers_waiver_of_probate_and_agreement_of_indemnity_exhibit_c (mfypk).js
- Size
  
  483KB
- MD5
  
  c18330dd36d3f1bd8d10364fb12993cb
- SHA1
  
  c83855860ab80a0b9edc51c8834d0027a2a5711a
- SHA256
  
  9e3100fd0ce07054eb636321f1f148e29d3fce123f52707ec46a7030472cdca0
- SHA512
  
  8d25680eade0b4e7653267ac454d5f54f138091a3ec2abf617f1b9e9e78aeb08a217d6c3e431ff2d6256ecece69b54816ac73394cd9bd059896705961bf6108f
- SSDEEP
  
  6144:rQBtXGTulaxl4IhEfD3xA7ziagmd4iLAmWR6LSF:AgThEfD3xuiagmd4iLAmWR6I
Score

10^/10

gootloader loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

gootloaderloader

© 2018-2025

Terms | Privacy