gootloader | 0d0dcc22488c5704d7ad442def40677c8c2c951c672c38ccba15d3afce887f27 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...465.js

windows10-2004-x64

Sharing

General

Target

pa collective agreement pay 74465.js
Size

6.6MB
Sample

240521-phra4ade71
MD5

95f8f53617b608765d07aedd936c8588
SHA1

e66edb1fe580f3d4597e956099ebcca7500106a5
SHA256

0d0dcc22488c5704d7ad442def40677c8c2c951c672c38ccba15d3afce887f27
SHA512

c4c439a18f6ff70c24a659d3a1e84ead06fa214709173ed85768ce1aa74b3bb12e2cbd5f7af5cd6c70f5a4ef05cded52343ab16cee9a8ad21a19d236bde9889f
SSDEEP

49152:NytwpCQK+5LytwpCQK+5LytwpCQK+5LytwpCQK+5LytwpCQK+5LytwpCQK+5p:b

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 74465.js

Resource

win10v2004-20240426-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 74465.js
- Size
  
  6.6MB
- MD5
  
  95f8f53617b608765d07aedd936c8588
- SHA1
  
  e66edb1fe580f3d4597e956099ebcca7500106a5
- SHA256
  
  0d0dcc22488c5704d7ad442def40677c8c2c951c672c38ccba15d3afce887f27
- SHA512
  
  c4c439a18f6ff70c24a659d3a1e84ead06fa214709173ed85768ce1aa74b3bb12e2cbd5f7af5cd6c70f5a4ef05cded52343ab16cee9a8ad21a19d236bde9889f
- SSDEEP
  
  49152:NytwpCQK+5LytwpCQK+5LytwpCQK+5LytwpCQK+5LytwpCQK+5LytwpCQK+5p:b
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy