gootloader | 1f3338dbeda08ff5b4176790ad720f160e0435d3283c53b1393dd86c3fb051a0 | Triage

Submit
Reports

Overview

overview

Static

static

1

union_of_t...98).js

windows10-2004-x64

Resubmissions

18/09/2024, 12:09

240918-pbs64szcqd 10

18/09/2024, 11:51

240918-nz82ssygma 10

Sharing

General

Target

union_of_taxation_employees_collective_agreement(88998).js
Size

5.3MB
Sample

240918-pbs64szcqd
MD5

32e8b0c3d5675dba6a372c2998e9b55e
SHA1

13c19a612f8671a4c6c4e7f37483c0e5e5d4bb43
SHA256

1f3338dbeda08ff5b4176790ad720f160e0435d3283c53b1393dd86c3fb051a0
SHA512

bee58ff3db81361eb203d961c575e56085621a3fe6348094c8b07e35b7066f0b5499ceec31cb9357070bb9b3678e6f549eeb8f3fd3ed5c80bc73492c837c9735
SSDEEP

49152:xkfcnNhkwrcfqcGUs+LfHQekfcnNhkwrcfqcGUs+LfHQekfcnNhkwrcfqcGUs+LI:xuuu+

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

union_of_taxation_employees_collective_agreement(88998).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

600 seconds

Malware Config

Targets

- Target
  
  union_of_taxation_employees_collective_agreement(88998).js
- Size
  
  5.3MB
- MD5
  
  32e8b0c3d5675dba6a372c2998e9b55e
- SHA1
  
  13c19a612f8671a4c6c4e7f37483c0e5e5d4bb43
- SHA256
  
  1f3338dbeda08ff5b4176790ad720f160e0435d3283c53b1393dd86c3fb051a0
- SHA512
  
  bee58ff3db81361eb203d961c575e56085621a3fe6348094c8b07e35b7066f0b5499ceec31cb9357070bb9b3678e6f549eeb8f3fd3ed5c80bc73492c837c9735
- SSDEEP
  
  49152:xkfcnNhkwrcfqcGUs+LfHQekfcnNhkwrcfqcGUs+LfHQekfcnNhkwrcfqcGUs+LI:xuuu+
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2025

Terms | Privacy