gootloader | 4c39948c9025afcb542a40dcfc81679658c846c888fd06d02d61967845e8fdda | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...470.js

windows10-2004-x64

Resubmissions

27-06-2024 13:02

240627-p9v4csserf 10

26-06-2024 14:09

240626-rgg25s1blm 10

Sharing

General

Target

pa collective agreement pay 64470.js
Size

13.9MB
Sample

240626-rgg25s1blm
MD5

1b55002d20f323d7ea0a20e19a3325fa
SHA1

63fbf3fc612072145c58bde5c969e4a4abc0a013
SHA256

4c39948c9025afcb542a40dcfc81679658c846c888fd06d02d61967845e8fdda
SHA512

a98543644b6a008fc07e451b8a540d47a7598e92a931ef6cf3bd348773557dc7562ec9776485b2c401f0ac0eb496d14d60604a0c2755d55a41d56367baa26ecf
SSDEEP

49152:Grp08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDFrp08dPXWR4ba/JOti:bc43mBc43mBc43ml

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 64470.js

Resource

win10v2004-20240611-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 64470.js
- Size
  
  13.9MB
- MD5
  
  1b55002d20f323d7ea0a20e19a3325fa
- SHA1
  
  63fbf3fc612072145c58bde5c969e4a4abc0a013
- SHA256
  
  4c39948c9025afcb542a40dcfc81679658c846c888fd06d02d61967845e8fdda
- SHA512
  
  a98543644b6a008fc07e451b8a540d47a7598e92a931ef6cf3bd348773557dc7562ec9776485b2c401f0ac0eb496d14d60604a0c2755d55a41d56367baa26ecf
- SSDEEP
  
  49152:Grp08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDFrp08dPXWR4ba/JOti:bc43mBc43mBc43ml
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy