gootloader | 1223f257d55420e519938c205d39b24c83f095b49c6554fd5fa73fe38ef7f093 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...608.js

windows10-2004-x64

Sharing

General

Target

pa collective agreement pay 27608.js
Size

16.1MB
Sample

240428-n16ytsfd2z
MD5

f9016a3952c8ea65c9904c25c62d6e86
SHA1

b19316a663f84a0bd05ddeb0659de998504b8c85
SHA256

1223f257d55420e519938c205d39b24c83f095b49c6554fd5fa73fe38ef7f093
SHA512

404a12cfdf3f368dad78503e933efc614d3bd2c5cf1032553bf12d6291b9265d812d5a0f30aa147109d37b02ac51fc37fec0d742092967741cffe26a768ef906
SSDEEP

49152:87ltzjCxbUqHlp49zrN0HAhutkOzLYzYBJav+87/r3be/JNZGmGc3quvU0HxcE8T:S

Score

10^/10

gootloader loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 27608.js

Resource

win10v2004-20240419-en

gootloader loader

windows10-2004-x64

8 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 27608.js
- Size
  
  16.1MB
- MD5
  
  f9016a3952c8ea65c9904c25c62d6e86
- SHA1
  
  b19316a663f84a0bd05ddeb0659de998504b8c85
- SHA256
  
  1223f257d55420e519938c205d39b24c83f095b49c6554fd5fa73fe38ef7f093
- SHA512
  
  404a12cfdf3f368dad78503e933efc614d3bd2c5cf1032553bf12d6291b9265d812d5a0f30aa147109d37b02ac51fc37fec0d742092967741cffe26a768ef906
- SSDEEP
  
  49152:87ltzjCxbUqHlp49zrN0HAhutkOzLYzYBJav+87/r3be/JNZGmGc3quvU0HxcE8T:S
Score

10^/10

gootloader loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gootloaderloader

© 2018-2024

Terms | Privacy