gootloader | 7925e38767da785617bc853e07a5dcda9c020dfed1d8aaf99c020d6398bbf5d1 | Triage

Submit
Reports

Overview

overview

Static

static

1

government...226.js

windows10-2004-x64

Sharing

General

Target

government of bc collective agreement 226.js
Size

13.7MB
Sample

240804-qkn47awdjn
MD5

0e5d3ff86711e4606feb69d9c0c5782a
SHA1

a2b8b003a425d543c65531c38809bbca069d8c06
SHA256

7925e38767da785617bc853e07a5dcda9c020dfed1d8aaf99c020d6398bbf5d1
SHA512

fa2bac161cb1154f11332d0d0cc55992f10daa2df2167add56ed3c17b0c9e880d6c7ea1e1838e0a6c484de383daf2b917270efecfd73af4fdc838f9e9af252fe
SSDEEP

49152:YYRxr8uC0NjaCXqDRgYRxr8uC0NjaCXqDRf:4qx

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

government of bc collective agreement 226.js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  government of bc collective agreement 226.js
- Size
  
  13.7MB
- MD5
  
  0e5d3ff86711e4606feb69d9c0c5782a
- SHA1
  
  a2b8b003a425d543c65531c38809bbca069d8c06
- SHA256
  
  7925e38767da785617bc853e07a5dcda9c020dfed1d8aaf99c020d6398bbf5d1
- SHA512
  
  fa2bac161cb1154f11332d0d0cc55992f10daa2df2167add56ed3c17b0c9e880d6c7ea1e1838e0a6c484de383daf2b917270efecfd73af4fdc838f9e9af252fe
- SSDEEP
  
  49152:YYRxr8uC0NjaCXqDRgYRxr8uC0NjaCXqDRf:4qx
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy