gootloader | dab58005fca75f206bd08cc40373d1b3a036d453a0ae37e6cdaea94feb738255 | Triage

Submit
Reports

Overview

overview

Static

static

1

sample_text.js

windows7-x64

sample_text.js

windows10-2004-x64

Sharing

General

Target

sample_text.js
Size

3.6MB
Sample

240724-wvxf7szfnn
MD5

cdacfa6676bc8c3e1b1fd4474077c030
SHA1

fc4c004a58aa791470772fe0bc0f3daeceae801e
SHA256

dab58005fca75f206bd08cc40373d1b3a036d453a0ae37e6cdaea94feb738255
SHA512

6bbfbdc951e03b82859a17887eba99af1cb6f5e95b2e4849ff5391ebb1a43d114fa18e79960f0ef9347ac6a44e9aef5bf70ea838f3d3f0d85361d7394f33c1bc
SSDEEP

49152:Nx3ii6gobYQS3QpOVtFBgiAEn0i2pdlQFgC00vqaeqNn0i2pdliWtAXiAwyfMtAX:NQpwtFBgg

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

sample_text.js

Resource

win7-20240705-en

gootloader execution loader

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

sample_text.js

Resource

win10v2004-20240704-en

gootloader execution loader

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  sample_text.js
- Size
  
  3.6MB
- MD5
  
  cdacfa6676bc8c3e1b1fd4474077c030
- SHA1
  
  fc4c004a58aa791470772fe0bc0f3daeceae801e
- SHA256
  
  dab58005fca75f206bd08cc40373d1b3a036d453a0ae37e6cdaea94feb738255
- SHA512
  
  6bbfbdc951e03b82859a17887eba99af1cb6f5e95b2e4849ff5391ebb1a43d114fa18e79960f0ef9347ac6a44e9aef5bf70ea838f3d3f0d85361d7394f33c1bc
- SSDEEP
  
  49152:Nx3ii6gobYQS3QpOVtFBgiAEn0i2pdlQFgC00vqaeqNn0i2pdliWtAXiAwyfMtAX:NQpwtFBgg
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

behavioral2

gootloaderexecutionloader

© 2018-2024

Terms | Privacy