gootloader | cc1513d8fb0331ce6ad459936e09d6a03ba0ce11594e977f7c033bf8cc0e4b01 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...374.js

windows10-2004-x64

Resubmissions

01-06-2024 13:28

240601-qqpb5sec28 10

01-06-2024 13:25

240601-qn89jadd2z 1

01-06-2024 13:07

240601-qc3ydadh25 10

Sharing

General

Target

pa collective agreement pay 66374.js
Size

11.0MB
Sample

240601-qc3ydadh25
MD5

607d0047ee62218601f2ca8810978a69
SHA1

1ed289f574accb0a8b57ee10ac4c4bab5ea816b3
SHA256

cc1513d8fb0331ce6ad459936e09d6a03ba0ce11594e977f7c033bf8cc0e4b01
SHA512

fbfb64dbc7d0decb19a324356b972cb5d998620d0a0cf9ac2e3f5faa1c072ba7092a81caa697debe4e2bc5e5ae49c9b466f9af3a9fee28f84fda69e69bced1f8
SSDEEP

49152:co9ytwpCQK+xuo9ytwpCQK+xuo9ytwpCQK+xuo9ytwpCQK+xuo9ytwpCQK+xuo9T:coyoyoyoyoyoyoyoyoyoV

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 66374.js

Resource

win10v2004-20240508-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 66374.js
- Size
  
  11.0MB
- MD5
  
  607d0047ee62218601f2ca8810978a69
- SHA1
  
  1ed289f574accb0a8b57ee10ac4c4bab5ea816b3
- SHA256
  
  cc1513d8fb0331ce6ad459936e09d6a03ba0ce11594e977f7c033bf8cc0e4b01
- SHA512
  
  fbfb64dbc7d0decb19a324356b972cb5d998620d0a0cf9ac2e3f5faa1c072ba7092a81caa697debe4e2bc5e5ae49c9b466f9af3a9fee28f84fda69e69bced1f8
- SSDEEP
  
  49152:co9ytwpCQK+xuo9ytwpCQK+xuo9ytwpCQK+xuo9ytwpCQK+xuo9ytwpCQK+xuo9T:coyoyoyoyoyoyoyoyoyoV
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy