gootloader | 5ea87676fa668a09c1db2988aadf70e29a377c172f17f1ed48b34d09730ebb47 | Triage

Submit
Reports

Overview

overview

Static

static

1

union_of_t...85).js

windows10-2004-x64

Sharing

General

Target

union_of_taxation_employees_collective_agreement(91985).js
Size

8.0MB
Sample

240904-p5z7hszgkn
MD5

cabe44b59e1b9d2e16c944787ac48e61
SHA1

d5111f4a5432aef1d4cd4aa632958e4d90b102ee
SHA256

5ea87676fa668a09c1db2988aadf70e29a377c172f17f1ed48b34d09730ebb47
SHA512

b7b81d2df403b88d84b075671dc0604f9a9b6e637f99050f14ef5d947d5ff1a99de3f7a5604df0470949bd856cabbface9c46a8d5d9bde37efc8f88bd5d2318d
SSDEEP

49152:/y+nncMHwtllKdy/s+LfHQiy+nncMHwtllKdy/s+LfHQiy+nncMHwtllKdy/s+LO:/MMMMMY

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

union_of_taxation_employees_collective_agreement(91985).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  union_of_taxation_employees_collective_agreement(91985).js
- Size
  
  8.0MB
- MD5
  
  cabe44b59e1b9d2e16c944787ac48e61
- SHA1
  
  d5111f4a5432aef1d4cd4aa632958e4d90b102ee
- SHA256
  
  5ea87676fa668a09c1db2988aadf70e29a377c172f17f1ed48b34d09730ebb47
- SHA512
  
  b7b81d2df403b88d84b075671dc0604f9a9b6e637f99050f14ef5d947d5ff1a99de3f7a5604df0470949bd856cabbface9c46a8d5d9bde37efc8f88bd5d2318d
- SSDEEP
  
  49152:/y+nncMHwtllKdy/s+LfHQiy+nncMHwtllKdy/s+LfHQiy+nncMHwtllKdy/s+LO:/MMMMMY
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy