gootloader | 9ed8a1e46824ec9f06dbd63c5d43c79db62f7c2db3f463156396f2acab927140 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...276.js

windows10-2004-x64

Resubmissions

29-05-2024 20:45

240529-zjph1aab24 10

27-05-2024 12:20

240527-phzbpsbf6t 10

Sharing

General

Target

pa collective agreement pay 4276.js
Size

9.9MB
Sample

240527-phzbpsbf6t
MD5

50d8be57ade9dfef0d88ceebaed045e7
SHA1

88925bcacd1a933e0be0d9b4c7c5c39cb778615b
SHA256

9ed8a1e46824ec9f06dbd63c5d43c79db62f7c2db3f463156396f2acab927140
SHA512

cd78210384b12978fe4712e1ae137a7a941718caa478b42a51bdf45995ce05369469f8e7dafbb2f77eded67eb77867b76913d0bf7f44b2a3316994b3431fdead
SSDEEP

49152:jytwpCQK+qFytwpCQK+qFytwpCQK+qFytwpCQK+qFytwpCQK+qFytwpCQK+qFytl:m

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 4276.js

Resource

win10v2004-20240426-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 4276.js
- Size
  
  9.9MB
- MD5
  
  50d8be57ade9dfef0d88ceebaed045e7
- SHA1
  
  88925bcacd1a933e0be0d9b4c7c5c39cb778615b
- SHA256
  
  9ed8a1e46824ec9f06dbd63c5d43c79db62f7c2db3f463156396f2acab927140
- SHA512
  
  cd78210384b12978fe4712e1ae137a7a941718caa478b42a51bdf45995ce05369469f8e7dafbb2f77eded67eb77867b76913d0bf7f44b2a3316994b3431fdead
- SSDEEP
  
  49152:jytwpCQK+qFytwpCQK+qFytwpCQK+qFytwpCQK+qFytwpCQK+qFytwpCQK+qFytl:m
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy