gootloader | eb1904412bf347499968bca9622d48089d3f25514253cefcabe37a68562c2d9b | Triage

Submit
Reports

Overview

overview

Static

static

1

government...50).js

windows10-2004-x64

Sharing

General

Target

government_of_bc_collective_agreement(20750).js
Size

7.4MB
Sample

240820-plxbhsvgqr
MD5

11c2d0b8224e0f258af61d835ab48987
SHA1

f881de34366b87f76e962fcb027c8a5233ea68b1
SHA256

eb1904412bf347499968bca9622d48089d3f25514253cefcabe37a68562c2d9b
SHA512

07c30de944e5d7134d7ef1fd8ad2c68b1caeb93d56bb485cc4d80ef3b4c1b6ff144ae1d7ef44c842671e100957752092e98f2ebd190a148b3672ad186fee274c
SSDEEP

49152:rP42+64FbEc6GhQn5C9l+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijs0:K31313K

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

government_of_bc_collective_agreement(20750).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  government_of_bc_collective_agreement(20750).js
- Size
  
  7.4MB
- MD5
  
  11c2d0b8224e0f258af61d835ab48987
- SHA1
  
  f881de34366b87f76e962fcb027c8a5233ea68b1
- SHA256
  
  eb1904412bf347499968bca9622d48089d3f25514253cefcabe37a68562c2d9b
- SHA512
  
  07c30de944e5d7134d7ef1fd8ad2c68b1caeb93d56bb485cc4d80ef3b4c1b6ff144ae1d7ef44c842671e100957752092e98f2ebd190a148b3672ad186fee274c
- SSDEEP
  
  49152:rP42+64FbEc6GhQn5C9l+4SSNRLFjzW03NZPn3SbYmGBl+Kn8P4BlwUC3kiQijs0:K31313K
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy