gootloader | 9bc7e91a019211cdb07ba42c1432c10d4ae0bfbeaaf843f13bad37c137dfc8d7 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...574.js

windows10-2004-x64

Resubmissions

17-07-2024 20:01

240717-yr1qkawfkp 10

Sharing

General

Target

pa collective agreement pay 21574.js
Size

4.4MB
Sample

240605-pqxsvagc64
MD5

ca8b85cc76257b18d1a991a4cacc8a92
SHA1

cde314a8b94168195210e6c41ac679e289c141c4
SHA256

9bc7e91a019211cdb07ba42c1432c10d4ae0bfbeaaf843f13bad37c137dfc8d7
SHA512

9c7acb647f136ba034f58851fa82096ab28737acd164d25c5e28767a76db40b8229e311a60dd79062e442a98373f90bf69f2ed618592d1dab5c81ed5b51f19c8
SSDEEP

49152:yQytwpCQK+AYQytwpCQK+AYQytwpCQK+AYQytwpCQK+Ap:y444J

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 21574.js

Resource

win10v2004-20240226-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 21574.js
- Size
  
  4.4MB
- MD5
  
  ca8b85cc76257b18d1a991a4cacc8a92
- SHA1
  
  cde314a8b94168195210e6c41ac679e289c141c4
- SHA256
  
  9bc7e91a019211cdb07ba42c1432c10d4ae0bfbeaaf843f13bad37c137dfc8d7
- SHA512
  
  9c7acb647f136ba034f58851fa82096ab28737acd164d25c5e28767a76db40b8229e311a60dd79062e442a98373f90bf69f2ed618592d1dab5c81ed5b51f19c8
- SSDEEP
  
  49152:yQytwpCQK+AYQytwpCQK+AYQytwpCQK+AYQytwpCQK+Ap:y444J
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy