gootloader | 6845b1b56f96ac2b68de7add4c4037134bd03f1ff735ec86d5a95d552fa4591d | Triage

Submit
Reports

Overview

overview

Static

static

1

government...297.js

windows10-2004-x64

Sharing

General

Target

government of bc collective agreement 62297.js
Size

27.4MB
Sample

240806-qmgg5azfqr
MD5

bfe0cd80fbce0d0e8d63f59086624920
SHA1

de1cdfcc2b7e1a1b4f90f9cd9ee1099be4a8b427
SHA256

6845b1b56f96ac2b68de7add4c4037134bd03f1ff735ec86d5a95d552fa4591d
SHA512

f3d8f072b043b1bb7905da81294b3867ddfa8ecf7fc18b4000a24dccea17bb416be5faed7965fa24ab5ba1e4cc512bc658c4c53f067a64259e1e6ff15486d723
SSDEEP

49152:YYRxr8uC0NjaCXEcJgYRxr8uC0NjaCXEcJgYRxr8uC0NjaCXEcJgYRxr8uC0Njau:ic4c4c4ct

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

government of bc collective agreement 62297.js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  government of bc collective agreement 62297.js
- Size
  
  27.4MB
- MD5
  
  bfe0cd80fbce0d0e8d63f59086624920
- SHA1
  
  de1cdfcc2b7e1a1b4f90f9cd9ee1099be4a8b427
- SHA256
  
  6845b1b56f96ac2b68de7add4c4037134bd03f1ff735ec86d5a95d552fa4591d
- SHA512
  
  f3d8f072b043b1bb7905da81294b3867ddfa8ecf7fc18b4000a24dccea17bb416be5faed7965fa24ab5ba1e4cc512bc658c4c53f067a64259e1e6ff15486d723
- SSDEEP
  
  49152:YYRxr8uC0NjaCXEcJgYRxr8uC0NjaCXEcJgYRxr8uC0NjaCXEcJgYRxr8uC0Njau:ic4c4c4ct
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy