gootloader | bb3ae458a426bb45e7be1473870162c82bdf87aa63a67f407e11cba9aec5c008 | Triage

Submit
Reports

Overview

overview

Static

static

1

are gun su...730.js

windows10-2004-x64

Sharing

General

Target

are gun suppressors legal in nc 53730.js
Size

159KB
Sample

241122-sm4c1ayrbk
MD5

2e6e43e846c5de3ecafdc5f416b72897
SHA1

8f256f84a39d8f5ab3297e22d59bc77f7ccf0c79
SHA256

bb3ae458a426bb45e7be1473870162c82bdf87aa63a67f407e11cba9aec5c008
SHA512

f3da3da3a94992e67658560fe70beb9f0073ef2e17a1ea8e61522cb45c0fc903153029f42805ec8840afab42c649df132090472d31e23e20c36010da9d0bc1c2
SSDEEP

3072:oZg1kjSdL6VadUQ7SQNbuXjtWKLCVl/+fX1ueCox9Rc+acWv7LCblyZdaZj1PNHs:oZg1kjSdL6VadUQ7SQNbuXjtWKLCVl/v

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

are gun suppressors legal in nc 53730.js

Resource

win10v2004-20241007-en

gootloader execution loader

windows10-2004-x64

11 signatures

300 seconds

Malware Config

Targets

- Target
  
  are gun suppressors legal in nc 53730.js
- Size
  
  159KB
- MD5
  
  2e6e43e846c5de3ecafdc5f416b72897
- SHA1
  
  8f256f84a39d8f5ab3297e22d59bc77f7ccf0c79
- SHA256
  
  bb3ae458a426bb45e7be1473870162c82bdf87aa63a67f407e11cba9aec5c008
- SHA512
  
  f3da3da3a94992e67658560fe70beb9f0073ef2e17a1ea8e61522cb45c0fc903153029f42805ec8840afab42c649df132090472d31e23e20c36010da9d0bc1c2
- SSDEEP
  
  3072:oZg1kjSdL6VadUQ7SQNbuXjtWKLCVl/+fX1ueCox9Rc+acWv7LCblyZdaZj1PNHs:oZg1kjSdL6VadUQ7SQNbuXjtWKLCVl/v
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Gootloader family
  gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy