gootloader | 1485820f3fbd4efb8a2d02ee5397675617adec9a5bdcfb1dfead5ca0df0d9478 | Triage

Submit
Reports

Overview

overview

Static

static

1

MEETIN~1.js

windows10-2004-x64

Sharing

General

Target

MEETIN~1.JS
Size

41.0MB
Sample

240608-qret4aca3t
MD5

fdf7ee2748512c0dc929bd6294d59f6a
SHA1

7056a56c2b89e3fdce7e6ea8747b36520d7aed0b
SHA256

1485820f3fbd4efb8a2d02ee5397675617adec9a5bdcfb1dfead5ca0df0d9478
SHA512

5ee28a6c20fbcee24a474b0cf3f05ab98ccc46bdfc18215417cab145386bbe0dcff5f3beb0f34eaf435113d65bfda698da375cbaf4fb3412aba6116211ce0580
SSDEEP

6144:rbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbH:L

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

MEETIN~1.js

Resource

win10v2004-20240508-en

gootloader execution loader

windows10-2004-x64

9 signatures

600 seconds

Malware Config

Targets

- Target
  
  MEETIN~1.JS
- Size
  
  41.0MB
- MD5
  
  fdf7ee2748512c0dc929bd6294d59f6a
- SHA1
  
  7056a56c2b89e3fdce7e6ea8747b36520d7aed0b
- SHA256
  
  1485820f3fbd4efb8a2d02ee5397675617adec9a5bdcfb1dfead5ca0df0d9478
- SHA512
  
  5ee28a6c20fbcee24a474b0cf3f05ab98ccc46bdfc18215417cab145386bbe0dcff5f3beb0f34eaf435113d65bfda698da375cbaf4fb3412aba6116211ce0580
- SSDEEP
  
  6144:rbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbH:L
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy