Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

9e9fb1553b...a8a.js

windows7-x64

3

9e9fb1553b...a8a.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21787160454.zip

  • Size

    1.4MB

  • Sample

    250319-3nfcns1nx9

  • MD5

    2881e5fc74c47b09def38fa2f2989b06

  • SHA1

    bd1886ffe8cbc6f0173bffe5afb016743da4a04f

  • SHA256

    c32c767e08e77a7749a5c53fecb19f3963d66546ce07f5317b40b60c5c5aeb8a

  • SHA512

    8e888344685f3f82cfd6d77d43145bce674a579b5902589805e0e2fc1750ad3f7545e55c42b087b42532acce39a0193411a6cc548e7c34747c7ec20086854222

  • SSDEEP

    24576:ie6zobsu/It9bzqJsAcr5d0Cc4drMIISzciTdkah8xDVWt/SvbInJlqoyCHKbQJh:x+obsu/Itl+JsA8nISzibxDVWxSv0Pqi

Score
10/10
gootloaderexecutionloader

Malware Config

Targets

    • Target

      9e9fb1553b565387cf9f2477db8c566da1a865ecc1fd08329dd9d8141ec8ca8a

    • Size

      5.3MB

    • MD5

      b2ffa18d6a6bf9de5ccc65b8ffbeae72

    • SHA1

      b553680c5718fbfcb2ab72db5e19c7e378577130

    • SHA256

      9e9fb1553b565387cf9f2477db8c566da1a865ecc1fd08329dd9d8141ec8ca8a

    • SHA512

      0fba66e93610553df29da04ef2e171787815a8f3c0d6f4040140724a6319500c3cd10bd9cf0f4f646d4baca85dc7b7082d24367e5ff944efda8e184241d1e80d

    • SSDEEP

      49152:Gl3VnOgewfmWm/RD/s+LfHQPl3VnOgewfmWm/RD/s+LfHQPl3VnOgewfmWm/RD/N:GTBTBTBTk

    Score
    10/10
    executiongootloaderloader

    • GootLoader

      JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.

      loadergootloader

    • Gootloader family

      gootloader

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks