gootloader | 20037cf6896e2fdb5f367baa442a52579780a40bffdc300909fedf4777f4ff69 | Triage

Submit
Reports

Overview

overview

Static

static

1

government...032.js

windows10-2004-x64

Sharing

General

Target

government of bc collective agreement 37032.js
Size

13.7MB
Sample

240808-a11j6axalq
MD5

c05fc3879d31d09cecc5d3f43ffe5099
SHA1

74ded9419b5cbbc08adaff487d2b68fdf0c5e9ba
SHA256

20037cf6896e2fdb5f367baa442a52579780a40bffdc300909fedf4777f4ff69
SHA512

d9cfc8ebb82a1294e2ea1ad878318a666c03667956a407d77aeb16cb42a3ab00ff3178b4647ddc295817399b63f7d57f5236e24ce7f329d97b9a01ed36801ad5
SSDEEP

49152:YYRxr8uC0NjaCX6ugYRxr8uC0NjaCX6uf:MdS

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

government of bc collective agreement 37032.js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  government of bc collective agreement 37032.js
- Size
  
  13.7MB
- MD5
  
  c05fc3879d31d09cecc5d3f43ffe5099
- SHA1
  
  74ded9419b5cbbc08adaff487d2b68fdf0c5e9ba
- SHA256
  
  20037cf6896e2fdb5f367baa442a52579780a40bffdc300909fedf4777f4ff69
- SHA512
  
  d9cfc8ebb82a1294e2ea1ad878318a666c03667956a407d77aeb16cb42a3ab00ff3178b4647ddc295817399b63f7d57f5236e24ce7f329d97b9a01ed36801ad5
- SSDEEP
  
  49152:YYRxr8uC0NjaCX6ugYRxr8uC0NjaCX6uf:MdS
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy