gootloader | c3625b94c788ccf7c7de1efb639ac338227b5b6ebb99ca480c25e6e877de2c32 | Triage

Submit
Reports

Overview

overview

Static

static

1

pa collect...493.js

windows10-2004-x64

Sharing

General

Target

pa collective agreement pay 54493.js
Size

23.2MB
Sample

240703-mqek6aycmf
MD5

8c9c376750ea3dd04169d1cccd8e7fca
SHA1

0bf85b77f8b81624b15c3420ea47118f5c767305
SHA256

c3625b94c788ccf7c7de1efb639ac338227b5b6ebb99ca480c25e6e877de2c32
SHA512

909ce8e34d73c0d36e1413293e7bf59dbddaa84a575120110a969d8b8e90f14451a46ce2ae561fa84431c7d493ef3b4bca43b83ff565c6ae4a432c5b18ef8953
SSDEEP

49152:TXU708dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDEXU708dPXWR4ba/JX:vc43m1c43m1c43m1c43m1c43ml

Score

10^/10

gootloader execution loader

Static task

static1

Behavioral task

behavioral1

Sample

pa collective agreement pay 54493.js

Resource

win10v2004-20240611-en

gootloader execution loader

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  pa collective agreement pay 54493.js
- Size
  
  23.2MB
- MD5
  
  8c9c376750ea3dd04169d1cccd8e7fca
- SHA1
  
  0bf85b77f8b81624b15c3420ea47118f5c767305
- SHA256
  
  c3625b94c788ccf7c7de1efb639ac338227b5b6ebb99ca480c25e6e877de2c32
- SHA512
  
  909ce8e34d73c0d36e1413293e7bf59dbddaa84a575120110a969d8b8e90f14451a46ce2ae561fa84431c7d493ef3b4bca43b83ff565c6ae4a432c5b18ef8953
- SSDEEP
  
  49152:TXU708dPXWR4ba/JOtdF5pHE2lsfiaahM3o43ORV59VDKtDEXU708dPXWR4ba/JX:vc43m1c43m1c43m1c43m1c43ml
Score

10^/10

gootloader execution loader
- GootLoader
  JavaScript loader known for delivering other families such as Gootkit and Cobaltstrike.
  loader gootloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gootloaderexecutionloader

© 2018-2024

Terms | Privacy