gootloader | 10608406cf8f819b2b9deb339a9d1db16a770e6b257228dc9920f1b00207e923 | Triage

Sharing

General

Target

10608406cf8f819b2b9deb339a9d1db16a770e6b257228dc9920f1b00207e923N
Size

483KB
Sample

241009-sqpzsaxglk
MD5

c26bc6518f47a63c4e419a8a68ce6e10
SHA1

4fcb47ae4ae3e131d5135b0d9900aaae1e65c4e9
SHA256

10608406cf8f819b2b9deb339a9d1db16a770e6b257228dc9920f1b00207e923
SHA512

f91d30aea3bbc8ced5e37040e267786ff406cd00284075de4210b81d32ba445bf3ab28b6bf4bd69445412200e684ae309b01282f8a63401529553ec39bfaf7a8
SSDEEP

6144:dQI3Z8ulahl4BhEfDdxe7RiagmdEiLAmWR64S4:JnhEfDdxeiagmdEiLAmWR6o

Score

10^/10

gootloader execution loader

Malware Config

Targets

- Target
  
  10608406cf8f819b2b9deb339a9d1db16a770e6b257228dc9920f1b00207e923N
- Size
  
  483KB
- MD5
  
  c26bc6518f47a63c4e419a8a68ce6e10
- SHA1
  
  4fcb47ae4ae3e131d5135b0d9900aaae1e65c4e9
- SHA256
  
  10608406cf8f819b2b9deb339a9d1db16a770e6b257228dc9920f1b00207e923
- SHA512
  
  f91d30aea3bbc8ced5e37040e267786ff406cd00284075de4210b81d32ba445bf3ab28b6bf4bd69445412200e684ae309b01282f8a63401529553ec39bfaf7a8
- SSDEEP
  
  6144:dQI3Z8ulahl4BhEfDdxe7RiagmdEiLAmWR64S4:JnhEfDdxeiagmdEiLAmWR6o
Score

10^/10

execution gootloader loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gootloaderexecutionloader