js.gootloader

GootLoader

aka: SLOWPOUR

PCrisk reports discovering the GootLoader malware while examining legitimate but compromised websites (mainly websites managed using WordPress). GootLoader is used to infect computers with additional malware. Cybercriminals using GootLoader try to trick users into unknowingly downloading and executing the malware by disguising it as a document or other file.

References
2024-11-21 | Intrinsec | CTI Intrinsec, Intrinsec
PROSPERO & Proton66: Uncovering the links between bulletproof networks
Coper SpyNote FAKEUPDATES GootLoader EugenLoader
2024-11-20 | Intrinsec | Equipe CTI
PROSPERO & Proton66: Tracing Uncovering the links between bulletproof networks
Coper SpyNote FAKEUPDATES GootLoader EugenLoader IcedID Matanbuchus Nokoyawa Ransomware Pikabot
2024-11-06 | Sophos | Asha Castle, Hikaru Koike, Sean Gallagher, Trang Tang
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign
GootLoader
2024-11-01 | Google | andy2002a
Finding Malware: Detecting GOOTLOADER with Google Security Operations.
GootLoader
2024-09-18 | Twitter (@MsftSecIntel) | Microsoft
Tweet about threat actor Vanilla Tempest
INC GootLoader Storm-0494
2024-08-20 | Intel 471 | Intel 471
Threat Hunting Case Study: Tracking Down GootLoader
GootLoader
2024-06-24 | GootLoader Wordpress | gootloadersites
Gootloader’s New Hideout Revealed: The Malware Hunt in WordPress’ Shadows
GootLoader
2024-05-13 | Malsada Tech | Aaron Samala
Gootloader Isn’t Broken
GootLoader
2024-02-26 | The DFIR Report | The DFIR Report
SEO Poisoning to Domain Control: The Gootloader Saga Continues
GootLoader
2024-02-14 | GootLoader Wordpress | gootloadersites
My-Game Retired? Latest Changes to Gootloader
GootLoader
2023-12-09 | Github (struppigel) | Karsten Hahn
AST based GootLoader unpacker, C2 extractor and deobfuscator
GootLoader
2023-11-07 | SOCRadar | SOCRadar
New Gootloader Variant “GootBot” Changes the Game in Malware Tactics
GootLoader Cobalt Strike UNC2565
2023-11-06 | Security Intelligence | Golo Mühr, Ole Villadsen
GootBot – Gootloader’s new approach to post-exploitation
GootLoader UNC2565
2023-08-10 | Trustwave | Rodel Mendrez
Gootloader: Why your Legal Document Search May End in Misery
GootLoader
2023-06-23 | Kroll | George Glass, Keith Wojcieszek, Ryan Hicks
Deep Dive into GOOTLOADER Malware and Its Infection Chain
GootLoader
2023-06-22 | Reliaquest | Caroline Fenstermacher
Goot to Loot - How a Gootloader Infection Led to Credential Access
GootLoader SystemBC
2023-04-26 | eSentire | Joe Stewart, Keegan Keplinger
Gootloader Unloaded: Researchers Launch Multi-Pronged Offensive Against Gootloader, Cutting Off Traffic to Thousands of Gootloader Web Pages and Using the Operator’s Very Own Tactics to Protect End-Users
GootLoader
2023-02-14 | Cybereason | Cybereason Incident Response (IR) team
GootLoader - SEO Poisoning and Large Payloads Leading to Compromise
GootLoader Cobalt Strike SystemBC
2023-01-26 | Mandiant | Andy Morales, Govand Sinjari
Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations
GootLoader UNC2565
2023-01-12 | eSentire | eSentire
Gootloader Malware Leads to Cobalt Strike and Hand-on-Keyboard Activity
GootLoader
2023-01-09 | Trendmicro | Fe Cureg, Hitomi Kimura, Ryan Maglaque, Trent Bessell
Gootkit Loader Actively Targets Australian Healthcare Industry
GootLoader GootKit
2023-01-05 | gootloadersites
What is Gootloader?
GootLoader
2023-01-05 | gootloadersites
Gootloader Command & Control
GootLoader
2022-12-07 | eSentire | eSentire Threat Response Unit (TRU)
GootLoader Striking with a New Infection Technique
GootLoader
2022-07-20 | NVISO Labs | Sasja Reynaert
Analysis of a trojanized jQuery script: GootLoader unleashed
GootLoader Cobalt Strike
2022-07-14 | Blackberry | The BlackBerry Research & Intelligence Team
GootLoader, From SEO Poisoning to Multi-Stage Downloader
GootLoader
2022-06-05 | Dino Hacks | Niranjan Hegde
Loading GootLoader
GootLoader
2022-05-12 | Red Canary | Lauren Podber, Tony Lambert
The Goot cause: Detecting Gootloader and its follow-on activity
GootLoader Cobalt Strike
2022-05-12 | Red Canary | Lauren Podber, Tony Lambert
Gootloader and Cobalt Strike malware analysis
GootLoader Cobalt Strike
2022-05-09 | The DFIR Report | The DFIR Report
SEO Poisoning – A Gootloader Story
GootLoader LaZagne Cobalt Strike GootKit
2022-05-04 | HP | Patrick Schläpfer
Tips for Automating IOC Extraction from GootLoader, a Changing JavaScript Malware
GootLoader
2022-02-26 | Mandiant | Mandiant
TRENDING EVIL Q1 2022
KEYPLUG FAKEUPDATES GootLoader BazarBackdoor QakBot
2021-08-25 | RiskIQ | Jordan Herman
EITest: Linkages to the Ongoing Malware Delivery Campaign Referred to as "Gootloader"
GootLoader
2021-08-12 | Sophos | Andrew Brandt, Gabor Szappanos
Gootloader’s “mothership” controls malicious content
GootLoader
2021-06-16 | SentinelOne | Antonio Pirozzi
Gootloader: ‘Initial Access as a Service’ Platform Expands Its Search for High Value Targets
GootLoader

There is no Yara-Signature yet.