gootloader | b954e27003d68bed8708928f6b36c8a9d7a92721be053e571fd9c78cfd1a6181 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...542.js

windows10-2004-x64

Sharing

General

Target

pa collective agreement pay 18542.js
Size

5.5MB
Sample

240608-p7n72abh2x
MD5

904eac126a8309b0ff39fe1525b75db2
SHA1

e98ada2cce5c463ed2c5b542dd0a93b26ceaeac0
SHA256

b954e27003d68bed8708928f6b36c8a9d7a92721be053e571fd9c78cfd1a6181
SHA512

4f3a3f05e61c2694ec067eaf57a25b0899c54745b355c86beac3a09559f38aaf209e86a583143ee179cf87738cdadaec7b3c800cfdb568cd2dae52c3d6f5f175
SSDEEP

49152:tWytwpCQK+lPWytwpCQK+lPWytwpCQK+lPWytwpCQK+lPWytwpCQK+lp:tOOOOI

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 18542.js

Resource

win10v2004-20240426-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 18542.js
- Size
  
  5.5MB
- MD5
  
  904eac126a8309b0ff39fe1525b75db2
- SHA1
  
  e98ada2cce5c463ed2c5b542dd0a93b26ceaeac0
- SHA256
  
  b954e27003d68bed8708928f6b36c8a9d7a92721be053e571fd9c78cfd1a6181
- SHA512
  
  4f3a3f05e61c2694ec067eaf57a25b0899c54745b355c86beac3a09559f38aaf209e86a583143ee179cf87738cdadaec7b3c800cfdb568cd2dae52c3d6f5f175
- SSDEEP
  
  49152:tWytwpCQK+lPWytwpCQK+lPWytwpCQK+lPWytwpCQK+lPWytwpCQK+lp:tOOOOI
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy