gootloader | 3cd318fc5148dade0fea960bb51e8050cfa89ecb9ca6e275e310a23daab903ee | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...710.js

windows10-2004-x64

Sharing

General

Target

pa collective agreement pay 35710.js
Size

18.5MB
Sample

240629-qst1eaycpc
MD5

e6cfd90e00390e572e875dcc2a50a446
SHA1

09cb32e06598e47ef4973845427fdd411f27e423
SHA256

3cd318fc5148dade0fea960bb51e8050cfa89ecb9ca6e275e310a23daab903ee
SHA512

9f043d53a2e0f9241d30bad2dcffd506af51e58a1e7a928469c68a1c667c2aa8804700c2973e5b9cc0dd985a72f62212f6c6a26b48bf01cc06d9a0b1354f25a3
SSDEEP

49152:N9u08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDe9u08dPXWR4ba/JOt3:pc43mvc43mvc43mvc43ml

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 35710.js

Resource

win10v2004-20240611-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 35710.js
- Size
  
  18.5MB
- MD5
  
  e6cfd90e00390e572e875dcc2a50a446
- SHA1
  
  09cb32e06598e47ef4973845427fdd411f27e423
- SHA256
  
  3cd318fc5148dade0fea960bb51e8050cfa89ecb9ca6e275e310a23daab903ee
- SHA512
  
  9f043d53a2e0f9241d30bad2dcffd506af51e58a1e7a928469c68a1c667c2aa8804700c2973e5b9cc0dd985a72f62212f6c6a26b48bf01cc06d9a0b1354f25a3
- SSDEEP
  
  49152:N9u08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDe9u08dPXWR4ba/JOt3:pc43mvc43mvc43mvc43ml
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy