gootloader | 622b20a8bbee405b775d7727587306afa3d4e69ae2841b19059953824fc38311 | Triage

Submit
Reports

Overview

overview

Static

static

1

government...16).js

windows10-2004-x64

Sharing

General

Target

government_of_bc_collective_agreement(20116).js
Size

7.4MB
Sample

240819-qdsh2awajc
MD5

a7f1167e911fbc5cf4ac56f83ed3212f
SHA1

9df8141203da50a4fba1f52fcef7a9ee7931bb9d
SHA256

622b20a8bbee405b775d7727587306afa3d4e69ae2841b19059953824fc38311
SHA512

1e7bf40aae8e1e7dba44a3942f6e24d49b6e2a221a490cd2097cbec29a71a1906880dabd9665133a0cfffc01d8b6cb831c3b2b06331404446d14f08b94765dcd
SSDEEP

49152:Ercw+9hFbEc6GhQk5C5l+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijsE:q3r3r3K

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

government_of_bc_collective_agreement(20116).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  government_of_bc_collective_agreement(20116).js
- Size
  
  7.4MB
- MD5
  
  a7f1167e911fbc5cf4ac56f83ed3212f
- SHA1
  
  9df8141203da50a4fba1f52fcef7a9ee7931bb9d
- SHA256
  
  622b20a8bbee405b775d7727587306afa3d4e69ae2841b19059953824fc38311
- SHA512
  
  1e7bf40aae8e1e7dba44a3942f6e24d49b6e2a221a490cd2097cbec29a71a1906880dabd9665133a0cfffc01d8b6cb831c3b2b06331404446d14f08b94765dcd
- SSDEEP
  
  49152:Ercw+9hFbEc6GhQk5C5l+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijsE:q3r3r3K
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy