gootloader | 12c6c86d5479035eab286d8a21c5b30330f1f12c52c8870721591dacef605bdc | Triage

Submit
Reports

Overview

overview

Static

static

1

union_of_t...29).js

windows10-2004-x64

Sharing

General

Target

union_of_taxation_employees_collective_agreement(54729).js
Size

5.3MB
Sample

240828-qakn1s1cnq
MD5

d34474eb539c07cce3af9f8940fe581c
SHA1

d83cb2479ea6b102dcb913d191c430405071a093
SHA256

12c6c86d5479035eab286d8a21c5b30330f1f12c52c8870721591dacef605bdc
SHA512

734095c145bede35641d16f3eb7c7f8840137819da1c31b90d50f95bf2cd5d5999b2e48e5c423274fb7e711f4618514a0fd56fae8350521d6ca9d191a8d77fc8
SSDEEP

49152:4WvynITWwTvfR9G2s+LfHQZWvynITWwTvfR9G2s+LfHQZWvynITWwTvfR9G2s+Lh:4tttS

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

union_of_taxation_employees_collective_agreement(54729).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  union_of_taxation_employees_collective_agreement(54729).js
- Size
  
  5.3MB
- MD5
  
  d34474eb539c07cce3af9f8940fe581c
- SHA1
  
  d83cb2479ea6b102dcb913d191c430405071a093
- SHA256
  
  12c6c86d5479035eab286d8a21c5b30330f1f12c52c8870721591dacef605bdc
- SHA512
  
  734095c145bede35641d16f3eb7c7f8840137819da1c31b90d50f95bf2cd5d5999b2e48e5c423274fb7e711f4618514a0fd56fae8350521d6ca9d191a8d77fc8
- SSDEEP
  
  49152:4WvynITWwTvfR9G2s+LfHQZWvynITWwTvfR9G2s+LfHQZWvynITWwTvfR9G2s+Lh:4tttS
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy