gootloader | 58a4f363a0a30e83796da648a541d3c0b85a5a0262b53dd6542d819155687738 | Triage

Resubmissions

13/03/2024, 19:14

240313-xxql4sfd38 10

13/03/2024, 19:06

240313-xr7y7sfb76 10

13/03/2024, 18:53

240313-xj16pach8t 10

13/03/2024, 18:40

240313-xbj77see66 10

Sharing

Copy URL Twitter E-mail

General

Target

Can_you_work_remotely_for_a_us_company_in_canada_48911.zip
Size

228KB
Sample

240313-xj16pach8t
MD5

1f03d825050941b174cbe7fd87104bd1
SHA1

d3684c9965465143537a086716c5c3971b042f89
SHA256

58a4f363a0a30e83796da648a541d3c0b85a5a0262b53dd6542d819155687738
SHA512

c32f338fae0df40c2a23c4a2b68d20e3983c1f31ba51b931e8b35b9e01c6bc1c7e79133d53b30f3f638645b1a467f4fcf539e01589f3a15613959ea1832294bb
SSDEEP

6144:amvSLh3V/JGl8iGUqR17mSErcZ1PLJqaPfSZgJ0WJIC26sF6e:amC/JmGUqR1SG1Pdqc0X76sr

Score

10^/10

gootloader loader

Malware Config

Targets

- Target
  
  can you work remotely for a us company in canada 15404.js
- Size
  
  842KB
- MD5
  
  58c1eaa8a5d8a53aaa6fade56cf9186d
- SHA1
  
  7476551bf85944b75230c833af9d9a01db797c20
- SHA256
  
  ba34e9bc6de2c0bc6dda9eccd3de9f5cab653b3aa9acec324086e406cb19e057
- SHA512
  
  b00e60d393da527b43b6e39ea2c5765b526cf74d7f77bf6ae35062cc7d34441cbea9344c06a6978198322a3ffa6cdc0184e3a7004c3b2a90215c14a1804d1109
- SSDEEP
  
  24576:kaCgo+ogQc5WfNnZmD/nqnVCbNze1GnPzVWpyQTaGFNE3NEr:kaCgo+ogQc5WfNnZmD/noVCb8khWpyQH
Score

10^/10

gootloader loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderloader