gootloader | 39e57f888df18a927d66ea343badddd691952fafa1625a01497be903de381750 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...189.js

windows10-2004-x64

Resubmissions

18-06-2024 12:51

240618-p3pb8syclm 10

18-06-2024 12:36

240618-ps1yaatdnb 10

Sharing

General

Target

pa collective agreement pay 44189.js
Size

18.5MB
Sample

240618-ps1yaatdnb
MD5

9a85a58f8b7f117cf590d03a2ff14b38
SHA1

c813b5ef1649cda4da12a2c2ada177756695549c
SHA256

39e57f888df18a927d66ea343badddd691952fafa1625a01497be903de381750
SHA512

03a7b10c5156d8643e8d84e9d7278658e9bf7dc01067d3cf649802da872bbd3f093bd9f9727a4ec4185a890ece15ab9e78b4258b5cba493fbb659baec8be9027
SSDEEP

49152:RU508dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDOU508dPXWR4ba/JOtZ:5c43mPc43mPc43mPc43ml

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 44189.js

Resource

win10v2004-20240508-en

gootloader execution loader

windows10-2004-x64

9 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 44189.js
- Size
  
  18.5MB
- MD5
  
  9a85a58f8b7f117cf590d03a2ff14b38
- SHA1
  
  c813b5ef1649cda4da12a2c2ada177756695549c
- SHA256
  
  39e57f888df18a927d66ea343badddd691952fafa1625a01497be903de381750
- SHA512
  
  03a7b10c5156d8643e8d84e9d7278658e9bf7dc01067d3cf649802da872bbd3f093bd9f9727a4ec4185a890ece15ab9e78b4258b5cba493fbb659baec8be9027
- SSDEEP
  
  49152:RU508dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDOU508dPXWR4ba/JOtZ:5c43mPc43mPc43mPc43ml
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy