gootloader | 7ea81a28236a0f5ec3646974c3a918e650d5731e6be7a04cac1b80d08d2be1e4 | Triage

Submit
Reports

Overview

overview

Static

static

1

government...01).js

windows10-2004-x64

Sharing

General

Target

government_of_bc_collective_agreement(72601).js
Size

17.3MB
Sample

240818-p8jc6svake
MD5

cde17880d76697c461089443462fc29c
SHA1

c776f53023a73b1448df8e0b3f04797a74df0c5d
SHA256

7ea81a28236a0f5ec3646974c3a918e650d5731e6be7a04cac1b80d08d2be1e4
SHA512

eb1263a1c9426abb71ff789e5abe095dcf62cb893e7718b4fbc9585ca6a344a713d8e70c08c27a8c1492d50bca87ed4725d14c8194aa1160231223eaa9eca2bb
SSDEEP

49152:SPcM+UtFbEc6GhQX5CCl+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijsg:n3232323232323K

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

government_of_bc_collective_agreement(72601).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  government_of_bc_collective_agreement(72601).js
- Size
  
  17.3MB
- MD5
  
  cde17880d76697c461089443462fc29c
- SHA1
  
  c776f53023a73b1448df8e0b3f04797a74df0c5d
- SHA256
  
  7ea81a28236a0f5ec3646974c3a918e650d5731e6be7a04cac1b80d08d2be1e4
- SHA512
  
  eb1263a1c9426abb71ff789e5abe095dcf62cb893e7718b4fbc9585ca6a344a713d8e70c08c27a8c1492d50bca87ed4725d14c8194aa1160231223eaa9eca2bb
- SSDEEP
  
  49152:SPcM+UtFbEc6GhQX5CCl+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijsg:n3232323232323K
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy