gootloader | d6742612fe278a4bab91cc941a55ef25d4dd4d4e47df54ea7df46ed9d343d084 | Triage

Submit
Reports

Overview

overview

Static

static

1

union_of_t...42).js

windows10-2004-x64

Sharing

General

Target

union_of_taxation_employees_collective_agreement(942).js
Size

9.0MB
Sample

240926-nk6m5avbpq
MD5

44516e74f98a271a6ad9ffab16a0d4b3
SHA1

9f3ebe65d12acc1b79046ab31dec9f5dde8ecf84
SHA256

d6742612fe278a4bab91cc941a55ef25d4dd4d4e47df54ea7df46ed9d343d084
SHA512

4dad261abd7a687512dd0dd2d9ce529f89bd550bf97e6923ecc54ce33cb6bdf4ee8da467d3dde236306935eb1ec0d0a2aff73a209e77753b69e83038a8a94312
SSDEEP

98304:oYTPV0YTPV0YTPV0YTPV0YTPV0YTPV0YTPVD:oY6Y6Y6Y6Y6Y6YZ

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

union_of_taxation_employees_collective_agreement(942).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  union_of_taxation_employees_collective_agreement(942).js
- Size
  
  9.0MB
- MD5
  
  44516e74f98a271a6ad9ffab16a0d4b3
- SHA1
  
  9f3ebe65d12acc1b79046ab31dec9f5dde8ecf84
- SHA256
  
  d6742612fe278a4bab91cc941a55ef25d4dd4d4e47df54ea7df46ed9d343d084
- SHA512
  
  4dad261abd7a687512dd0dd2d9ce529f89bd550bf97e6923ecc54ce33cb6bdf4ee8da467d3dde236306935eb1ec0d0a2aff73a209e77753b69e83038a8a94312
- SSDEEP
  
  98304:oYTPV0YTPV0YTPV0YTPV0YTPV0YTPV0YTPVD:oY6Y6Y6Y6Y6Y6YZ
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy