gootloader | 594b1e33e576cd7f28ed0bbeeb46ea16e80c1db7d1048e8a040abbfdb0e8467e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

test.js

windows7-x64

test.js

windows10-2004-x64

Sharing

General

Target

test
Size

1.7MB
Sample

240222-jxc45afa66
MD5

968ee3bb4dd8c643334ada06e3265c72
SHA1

b4e2438a08f1581e79435bc2b2a00d3c3c1271a7
SHA256

594b1e33e576cd7f28ed0bbeeb46ea16e80c1db7d1048e8a040abbfdb0e8467e
SHA512

51085e2ad98a44217a03aad7569e036c57d6cdb8243f30e1dcc6c7d3ea13da963f78744678cfbed25b544bdbf839e3347d601dfbfa5de90b62eaa46e3690990d
SSDEEP

12288:SeEYbhfw4Y/hz2z+FIE5AlQlDu90TsDJWx5u1xNydLpg8hC6gQl6GfwgqqQkv2Gq:Sefbhfj8SWHu1/wD5HroObm

Score

10^/10

gootloader loader

Static task

static1

Behavioral task

behavioral1

Sample

test.js

Resource

win7-20240220-en

gootloader loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

test.js

Resource

win10v2004-20240221-en

gootloader loader

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  test
- Size
  
  1.7MB
- MD5
  
  968ee3bb4dd8c643334ada06e3265c72
- SHA1
  
  b4e2438a08f1581e79435bc2b2a00d3c3c1271a7
- SHA256
  
  594b1e33e576cd7f28ed0bbeeb46ea16e80c1db7d1048e8a040abbfdb0e8467e
- SHA512
  
  51085e2ad98a44217a03aad7569e036c57d6cdb8243f30e1dcc6c7d3ea13da963f78744678cfbed25b544bdbf839e3347d601dfbfa5de90b62eaa46e3690990d
- SSDEEP
  
  12288:SeEYbhfw4Y/hz2z+FIE5AlQlDu90TsDJWx5u1xNydLpg8hC6gQl6GfwgqqQkv2Gq:Sefbhfj8SWHu1/wD5HroObm
Score

10^/10

gootloader loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderloader

behavioral2

gootloaderloader

© 2018-2025

Terms | Privacy