gootloader | 07ceb791dffbd73c53e4dda40fb8c98e2b612b320f0f162db95ead6cc2b9dd47 | Triage

Submit
Reports

Overview

overview

Static

static

1

government...87).js

windows10-2004-x64

Sharing

General

Target

government_of_bc_collective_agreement(23587).js
Size

7.4MB
Sample

240816-n7hvksxdrr
MD5

fd5e36cd27aef0d16314b5bb2c5e7ff9
SHA1

a039e3af8095c72a8f4f199a5c77847f94fe51d5
SHA256

07ceb791dffbd73c53e4dda40fb8c98e2b612b320f0f162db95ead6cc2b9dd47
SHA512

d6ce61bfbdca514d75cfa30bc47ed548c968cfbcef992ae0deecec3483b269f92f45aec918a3c22fd01a2b9e252c9a93613f2218c17862198bd826a331fcfce9
SSDEEP

49152:zd64+9dFbEc6GhQt5C8l+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijsO:V3y3y3K

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

government_of_bc_collective_agreement(23587).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  government_of_bc_collective_agreement(23587).js
- Size
  
  7.4MB
- MD5
  
  fd5e36cd27aef0d16314b5bb2c5e7ff9
- SHA1
  
  a039e3af8095c72a8f4f199a5c77847f94fe51d5
- SHA256
  
  07ceb791dffbd73c53e4dda40fb8c98e2b612b320f0f162db95ead6cc2b9dd47
- SHA512
  
  d6ce61bfbdca514d75cfa30bc47ed548c968cfbcef992ae0deecec3483b269f92f45aec918a3c22fd01a2b9e252c9a93613f2218c17862198bd826a331fcfce9
- SSDEEP
  
  49152:zd64+9dFbEc6GhQt5C8l+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijsO:V3y3y3K
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy