gootloader | 9c236eabb385b9402120bb087f0fbaa1b7ec11a897290ac6196d82197bd24ab0 | Triage

Submit
Reports

Overview

overview

Static

static

1

Vakhdevi R...024.js

windows7-x64

Vakhdevi R...024.js

windows10-2004-x64

Sharing

General

Target

Vakhdevi Resume 2024.js
Size

281KB
Sample

241107-r6ey3stlfy
MD5

bc7a790fcfdc9fe5301c6a15629f67e1
SHA1

2168bf3521db79257ccaa7a5e4dad89082a47107
SHA256

9c236eabb385b9402120bb087f0fbaa1b7ec11a897290ac6196d82197bd24ab0
SHA512

6f87dc8c1dc6c708f29f88723eeb4f193099e962ace3da35dbcd98d1b041d75640e32fc1a88aef0c8fe79760789f98dcd729f673855fd42a4333caeab59f5484
SSDEEP

6144:hap3Ih6nUcdCPxwldTjjt4OfR6tQQaAFmLEnJFZ8aKIDI1foATRZtr:h8lz4OfSGAFmz9j1foATtr

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

Vakhdevi Resume 2024.js

Resource

win7-20240903-en

gootloader execution loader

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Vakhdevi Resume 2024.js

Resource

win10v2004-20241007-en

gootloader execution loader

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  Vakhdevi Resume 2024.js
- Size
  
  281KB
- MD5
  
  bc7a790fcfdc9fe5301c6a15629f67e1
- SHA1
  
  2168bf3521db79257ccaa7a5e4dad89082a47107
- SHA256
  
  9c236eabb385b9402120bb087f0fbaa1b7ec11a897290ac6196d82197bd24ab0
- SHA512
  
  6f87dc8c1dc6c708f29f88723eeb4f193099e962ace3da35dbcd98d1b041d75640e32fc1a88aef0c8fe79760789f98dcd729f673855fd42a4333caeab59f5484
- SSDEEP
  
  6144:hap3Ih6nUcdCPxwldTjjt4OfR6tQQaAFmLEnJFZ8aKIDI1foATRZtr:h8lz4OfSGAFmz9j1foATtr
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Gootloader family
  gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

behavioral2

gootloaderexecutionloader

© 2018-2024

Terms | Privacy