gootloader | 1254f254b9dc83ad59c3bee2c0a2b2650f54783db6025f787009cb5ecd550397 | Triage

Submit
Reports

Overview

overview

Static

static

1

union_of_t...60).js

windows10-2004-x64

Sharing

General

Target

union_of_taxation_employees_collective_agreement(72460).js
Size

10.3MB
Sample

241004-p1rdtayfrc
MD5

5e8afdcc772982b1d39f3dce21b9587b
SHA1

06614f068cc83c71919b8727a8d6a77ddd174640
SHA256

1254f254b9dc83ad59c3bee2c0a2b2650f54783db6025f787009cb5ecd550397
SHA512

d37e374809d432031631983c421578ad82707d94bea6cc4ed4751901f4dd77131800271e42e679daad5ba2418d0adb082807bd62238e885f923fbe84de52855d
SSDEEP

98304:ysPVesPVesPVesPVesPVesPVesPVesPVD:y9999999w

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

union_of_taxation_employees_collective_agreement(72460).js

Resource

win10v2004-20240802-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  union_of_taxation_employees_collective_agreement(72460).js
- Size
  
  10.3MB
- MD5
  
  5e8afdcc772982b1d39f3dce21b9587b
- SHA1
  
  06614f068cc83c71919b8727a8d6a77ddd174640
- SHA256
  
  1254f254b9dc83ad59c3bee2c0a2b2650f54783db6025f787009cb5ecd550397
- SHA512
  
  d37e374809d432031631983c421578ad82707d94bea6cc4ed4751901f4dd77131800271e42e679daad5ba2418d0adb082807bd62238e885f923fbe84de52855d
- SSDEEP
  
  98304:ysPVesPVesPVesPVesPVesPVesPVesPVD:y9999999w
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy