gootloader | 7b31a5d131b246f4250013336af2605a8e0cfe10ba4a8d4ed8e6720886babf90 | Triage

Submit
Reports

Overview

overview

Static

static

1

project la...542.js

windows7-x64

project la...542.js

windows10-2004-x64

Sharing

General

Target

project labor agreement in nj 55542.js
Size

8.8MB
Sample

240606-w97kqaab2z
MD5

09a44be731f54900eb51d0d1a5c95fd1
SHA1

878f9cf7bed86b46c176641b745426b81bed38d9
SHA256

7b31a5d131b246f4250013336af2605a8e0cfe10ba4a8d4ed8e6720886babf90
SHA512

b8fe355e67ceb96533cd781596352b9583696eea93b40c38b59cee509d2057d3f69f98132ce2b7a233b05cf9b4919a07edb82f77c23d9540c400906b3d6e8a39
SSDEEP

49152:r3ytwpCQK+dh3ytwpCQK+dh3ytwpCQK+dh3ytwpCQK+dh3ytwpCQK+dh3ytwpCQJ:rLLLLLLLH

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

project labor agreement in nj 55542.js

Resource

win7-20240508-en

gootloader execution loader

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

project labor agreement in nj 55542.js

Resource

win10v2004-20240508-en

gootloader execution loader

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  project labor agreement in nj 55542.js
- Size
  
  8.8MB
- MD5
  
  09a44be731f54900eb51d0d1a5c95fd1
- SHA1
  
  878f9cf7bed86b46c176641b745426b81bed38d9
- SHA256
  
  7b31a5d131b246f4250013336af2605a8e0cfe10ba4a8d4ed8e6720886babf90
- SHA512
  
  b8fe355e67ceb96533cd781596352b9583696eea93b40c38b59cee509d2057d3f69f98132ce2b7a233b05cf9b4919a07edb82f77c23d9540c400906b3d6e8a39
- SSDEEP
  
  49152:r3ytwpCQK+dh3ytwpCQK+dh3ytwpCQK+dh3ytwpCQK+dh3ytwpCQK+dh3ytwpCQJ:rLLLLLLLH
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

behavioral2

gootloaderexecutionloader

© 2018-2025

Terms | Privacy