| Field | Value |
|---|---|
| Advisory Type | Malware Intelligence |
| Malware Type | Loader |
| Malware Name | Gootloader |
| Target OS | Windows |
| Targeted Countries | North America, South Korea, Germany, France |
| Tactic | Technique ID | Technique |
|---|---|---|
| Reconnaissance | T1590.005 | Gather Victim Network Information: IP Addresses |
| Resource Development | T1584.004 | Compromise Infrastructure: Server |
| Execution | T1059.007 | Command and Scripting Interpreter: JavaScript/JScript |
| Execution | T1059.001 | Command and Scripting Interpreter: PowerShell |
| Execution | T1204.002 | User Execution: Malicious File |
| Persistence | T1547.001 | Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder |
| Defence Evasion | T1140 | Deobfuscate/Decode Files or Information |
| Defence Evasion | T1112 | Modify Registry |
| Defence Evasion | T1055.012 | Process Injection: Process Hollowing |
| SHA1 |
|---|
| 8731316018d005690046909f86b10a2130cfe75c |
| 04ac4430395e4bb5c8e78e3c6a277f108da36124 |
| d7469da6a523239a9f2eee26d944aa9076c87bfa |
| f43b74c10c880546cf03014e253026736f01d1f9 |
| 2bc5babb780ffdd38f2ee61583ed2d036fd499d7 |
| 7fde4507b2430e37c7dc9a1df8904371bc1bf9b2 |
| f2ddf525f9bf9e583cb6e2694e5abfac483660b2 |
| 098b332b7a4f8712916d6a681799e390daaaef98 |
| 9771dc299da3aafd578a3182c63530315aff5726 |
| dd98b9fce29bb291f37ef7ccf745ad3cdf5880b8 |
| effb1d6d2a254c428fd3b726e5d10ba9c77a3ae6 |
| f6525c66ab292d394ff7ec3da9beca8c45919788 |
| 02efc02a97e2223a85deea842eacebe9eb86aa0f |
| c51d97e76b018918504533ffdc05b06bae420912 |
| f1acf90d5a42eba5b601ebe1b954be72d1c5b0b2 |