gootloader | 9fdfa51e09526526342cebfb831fe3fbb0095aa779b9381bd50cf3509799b548 | Triage

Submit
Reports

Overview

overview

Static

static

1

9fdfa51e09...548.js

windows7-x64

9fdfa51e09...548.js

windows10-2004-x64

Sharing

General

Target

9fdfa51e09526526342cebfb831fe3fbb0095aa779b9381bd50cf3509799b548
Size

20.5MB
Sample

240725-pz49aayhrp
MD5

3da403ae5012e4b10c6fc06db02c270d
SHA1

0349a0f045a960e9a5306501962b7c5175058384
SHA256

9fdfa51e09526526342cebfb831fe3fbb0095aa779b9381bd50cf3509799b548
SHA512

f91f16e0b07d2dbee67209216f6fbd741eb9d52b1cf8c3e7a7f09a78bc5914577d4f7b6a4a08dea7753c000841ec24eba74762b8cf2de013b5d1195ff3588921
SSDEEP

49152:YYRxr8uC0NjaCX2RgYRxr8uC0NjaCX2RgYRxr8uC0NjaCX2Rf:sqqF

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

9fdfa51e09526526342cebfb831fe3fbb0095aa779b9381bd50cf3509799b548.js

Resource

win7-20240708-en

gootloader execution loader

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

9fdfa51e09526526342cebfb831fe3fbb0095aa779b9381bd50cf3509799b548.js

Resource

win10v2004-20240709-en

gootloader execution loader

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  9fdfa51e09526526342cebfb831fe3fbb0095aa779b9381bd50cf3509799b548
- Size
  
  20.5MB
- MD5
  
  3da403ae5012e4b10c6fc06db02c270d
- SHA1
  
  0349a0f045a960e9a5306501962b7c5175058384
- SHA256
  
  9fdfa51e09526526342cebfb831fe3fbb0095aa779b9381bd50cf3509799b548
- SHA512
  
  f91f16e0b07d2dbee67209216f6fbd741eb9d52b1cf8c3e7a7f09a78bc5914577d4f7b6a4a08dea7753c000841ec24eba74762b8cf2de013b5d1195ff3588921
- SSDEEP
  
  49152:YYRxr8uC0NjaCX2RgYRxr8uC0NjaCX2RgYRxr8uC0NjaCX2Rf:sqqF
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

behavioral2

gootloaderexecutionloader

© 2018-2024

Terms | Privacy