gootloader | 5c2a68774c1148a0c960e374049ae3452086cc32a74455b6dd149d5d54ae8790 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...752.js

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

pa collective agreement pay 28752.js
Size

840KB
Sample

240114-q9csfsbcel
MD5

99e87d7f09144d8ba65a3eec479677f4
SHA1

80caac27b8d28875be162f939fef9fc67c8d3e7c
SHA256

5c2a68774c1148a0c960e374049ae3452086cc32a74455b6dd149d5d54ae8790
SHA512

898d4e564bd93b20ab72ca825d4128aed63a5831959307dc2fbe1ec2669acbdcf6ec99e553399087755514ea58a7f2b4dc1679e18b313a1bfd1bc0abb72888f9
SSDEEP

24576:fcCgo+ogQc5WfNnZmD/nz1WqgU2e82hT+WpyQT2EFNE3NEr:fcCgo+ogQc5WfNnZmD/nZWqgaaWpyQT1

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 28752.js

Resource

win10v2004-20231215-en

gootloader execution loader

windows10-2004-x64

8 signatures

600 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 28752.js
- Size
  
  840KB
- MD5
  
  99e87d7f09144d8ba65a3eec479677f4
- SHA1
  
  80caac27b8d28875be162f939fef9fc67c8d3e7c
- SHA256
  
  5c2a68774c1148a0c960e374049ae3452086cc32a74455b6dd149d5d54ae8790
- SHA512
  
  898d4e564bd93b20ab72ca825d4128aed63a5831959307dc2fbe1ec2669acbdcf6ec99e553399087755514ea58a7f2b4dc1679e18b313a1bfd1bc0abb72888f9
- SSDEEP
  
  24576:fcCgo+ogQc5WfNnZmD/nz1WqgU2e82hT+WpyQT2EFNE3NEr:fcCgo+ogQc5WfNnZmD/nZWqgaaWpyQT1
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Gootloader family
  gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2025

Terms | Privacy