gootloader | 823cc895278debded2e2133c153391018e8a4eafa43260d587ad51da6e4d98c9 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...484.js

windows10-2004-x64

Sharing

General

Target

pa collective agreement pay 4484.js
Size

23.2MB
Sample

240630-mszdcawfqe
MD5

56166d9f345a43c9c16e9f7f38534c5d
SHA1

2b5f9b2a6c8cba2e545b4c517d59885651bedd0c
SHA256

823cc895278debded2e2133c153391018e8a4eafa43260d587ad51da6e4d98c9
SHA512

ed0328b956e6c879001ad237bb47ec9e899fd16c4a71ad53757c34a9c36083a306788ffcf44f40cbd245873aa88ed40c02aa56efacae0a48538c4fbd70ffd9c3
SSDEEP

49152:bu+08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDku+08dPXWR4ba/JOt5:Kc43mgc43mgc43mgc43mgc43ml

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 4484.js

Resource

win10v2004-20240508-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 4484.js
- Size
  
  23.2MB
- MD5
  
  56166d9f345a43c9c16e9f7f38534c5d
- SHA1
  
  2b5f9b2a6c8cba2e545b4c517d59885651bedd0c
- SHA256
  
  823cc895278debded2e2133c153391018e8a4eafa43260d587ad51da6e4d98c9
- SHA512
  
  ed0328b956e6c879001ad237bb47ec9e899fd16c4a71ad53757c34a9c36083a306788ffcf44f40cbd245873aa88ed40c02aa56efacae0a48538c4fbd70ffd9c3
- SSDEEP
  
  49152:bu+08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDku+08dPXWR4ba/JOt5:Kc43mgc43mgc43mgc43mgc43ml
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy