gootloader | d613ef8d21b00a7f6c7d71d21bc01d81bf7f8d5209d4c9682d202ae06eec6d81 | Triage

Submit
Reports

Overview

overview

Static

static

1

union_of_t...58).js

windows10-2004-x64

Sharing

General

Target

union_of_taxation_employees_collective_agreement(6258).js
Size

9.3MB
Sample

240904-pq2rsszdpk
MD5

9aeccabc959739cefba3b67c79b7cf81
SHA1

0699519fce6a1242d63965d4bc828ea75e0aa60d
SHA256

d613ef8d21b00a7f6c7d71d21bc01d81bf7f8d5209d4c9682d202ae06eec6d81
SHA512

04135c95bbd6ead626c58e498f53e60a8dfe402e454e292442ac8ac57f62d71a94b0aaebc34d542f7faa1bfe027f7de6837ab77b157b9108755fe033dab2696a
SSDEEP

49152:fQ1XXnBm4wIcAngG/s+LfHQsQ1XXnBm4wIcAngG/s+LfHQsQ1XXnBm4wIcAngG//:IOOOOOOx

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

union_of_taxation_employees_collective_agreement(6258).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  union_of_taxation_employees_collective_agreement(6258).js
- Size
  
  9.3MB
- MD5
  
  9aeccabc959739cefba3b67c79b7cf81
- SHA1
  
  0699519fce6a1242d63965d4bc828ea75e0aa60d
- SHA256
  
  d613ef8d21b00a7f6c7d71d21bc01d81bf7f8d5209d4c9682d202ae06eec6d81
- SHA512
  
  04135c95bbd6ead626c58e498f53e60a8dfe402e454e292442ac8ac57f62d71a94b0aaebc34d542f7faa1bfe027f7de6837ab77b157b9108755fe033dab2696a
- SSDEEP
  
  49152:fQ1XXnBm4wIcAngG/s+LfHQsQ1XXnBm4wIcAngG/s+LfHQsQ1XXnBm4wIcAngG//:IOOOOOOx
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy