gootloader | 0f5d09fb71d168f3bd2c0a236a2810564568b1e0df8f2567c2c9029ef6327f3e | Triage

Submit
Reports

Overview

overview

Static

static

1

government...704.js

windows10-2004-x64

Sharing

General

Target

government of canada psac collective agreement 38704.js
Size

27.4MB
Sample

240730-q2zx1s1hnn
MD5

ea896e481568829f6f59098f4f584f7f
SHA1

b39c3eb087e42018b1ab740eeb196aeda00ec245
SHA256

0f5d09fb71d168f3bd2c0a236a2810564568b1e0df8f2567c2c9029ef6327f3e
SHA512

5533fbea0d70da197c435a1081006b14a8a6453ecfd032b94515dbc897a1730c3feefe76ef2dca8eb3505f5113a23d59b1e7891f5131ad860709395c3264929a
SSDEEP

49152:YYRxr8uC0NjaCXB/gYRxr8uC0NjaCXB/gYRxr8uC0NjaCXB/gYRxr8uC0NjaCXBH:LrrrH

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

government of canada psac collective agreement 38704.js

Resource

win10v2004-20240709-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  government of canada psac collective agreement 38704.js
- Size
  
  27.4MB
- MD5
  
  ea896e481568829f6f59098f4f584f7f
- SHA1
  
  b39c3eb087e42018b1ab740eeb196aeda00ec245
- SHA256
  
  0f5d09fb71d168f3bd2c0a236a2810564568b1e0df8f2567c2c9029ef6327f3e
- SHA512
  
  5533fbea0d70da197c435a1081006b14a8a6453ecfd032b94515dbc897a1730c3feefe76ef2dca8eb3505f5113a23d59b1e7891f5131ad860709395c3264929a
- SSDEEP
  
  49152:YYRxr8uC0NjaCXB/gYRxr8uC0NjaCXB/gYRxr8uC0NjaCXB/gYRxr8uC0NjaCXBH:LrrrH
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy