gootloader | 2a6ad08ea4a94e9f9d739efb43a493cd5c20afae9f7c48589c98917b73d17b8f | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...857.js

windows10-2004-x64

Sharing

General

Target

pa collective agreement pay 43857.js
Size

18.5MB
Sample

240702-qjn3sstenh
MD5

633aac524f90004ed72810dcae9887ec
SHA1

eb35bf909f6a037d4fe496ec5c245c62848e05ba
SHA256

2a6ad08ea4a94e9f9d739efb43a493cd5c20afae9f7c48589c98917b73d17b8f
SHA512

2345818dc2016644cf84c40c1a796091b36759930b5b87260982ba2b4e72999bbf2830f55779437da03dc1178dcd21e4854b67d6da3f30dda57f666989391597
SSDEEP

49152:hFo08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDgFo08dPXWR4ba/JOtV:nc43mJc43mJc43mJc43ml

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 43857.js

Resource

win10v2004-20240508-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 43857.js
- Size
  
  18.5MB
- MD5
  
  633aac524f90004ed72810dcae9887ec
- SHA1
  
  eb35bf909f6a037d4fe496ec5c245c62848e05ba
- SHA256
  
  2a6ad08ea4a94e9f9d739efb43a493cd5c20afae9f7c48589c98917b73d17b8f
- SHA512
  
  2345818dc2016644cf84c40c1a796091b36759930b5b87260982ba2b4e72999bbf2830f55779437da03dc1178dcd21e4854b67d6da3f30dda57f666989391597
- SSDEEP
  
  49152:hFo08dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDgFo08dPXWR4ba/JOtV:nc43mJc43mJc43mJc43ml
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy