SYMBOLCOMMON_NAMEaka. SYNONYMS
js.gootloader (Back to overview)

GootLoader


There is no description at this point.

References
2022-06-05Dino HacksNiranjan Hegde
@online{hegde:20220605:loading:917dd2b, author = {Niranjan Hegde}, title = {{Loading GootLoader}}, date = {2022-06-05}, organization = {Dino Hacks}, url = {https://dinohacks.blogspot.com/2022/06/loading-gootloader.html}, language = {English}, urldate = {2022-06-09} } Loading GootLoader
GootLoader
2022-05-12Red CanaryTony Lambert, Lauren Podber
@techreport{lambert:20220512:gootloader:4562030, author = {Tony Lambert and Lauren Podber}, title = {{Gootloader and Cobalt Strike malware analysis}}, date = {2022-05-12}, institution = {Red Canary}, url = {https://redcanary.com/wp-content/uploads/2022/05/Gootloader.pdf}, language = {English}, urldate = {2022-05-13} } Gootloader and Cobalt Strike malware analysis
GootLoader Cobalt Strike
2022-05-12Red CanaryTony Lambert, Lauren Podber
@online{lambert:20220512:goot:1fc62fa, author = {Tony Lambert and Lauren Podber}, title = {{The Goot cause: Detecting Gootloader and its follow-on activity}}, date = {2022-05-12}, organization = {Red Canary}, url = {https://redcanary.com/blog/gootloader}, language = {English}, urldate = {2022-05-13} } The Goot cause: Detecting Gootloader and its follow-on activity
GootLoader Cobalt Strike
2022-05-09The DFIR ReportThe DFIR Report
@online{report:20220509:seo:cc8b1c2, author = {The DFIR Report}, title = {{SEO Poisoning – A Gootloader Story}}, date = {2022-05-09}, organization = {The DFIR Report}, url = {https://thedfirreport.com/2022/05/09/seo-poisoning-a-gootloader-story/}, language = {English}, urldate = {2022-06-09} } SEO Poisoning – A Gootloader Story
GootLoader LaZagne Cobalt Strike GootKit
2022-05-04HPPatrick Schläpfer
@online{schlpfer:20220504:tips:f12f7ba, author = {Patrick Schläpfer}, title = {{Tips for Automating IOC Extraction from GootLoader, a Changing JavaScript Malware}}, date = {2022-05-04}, organization = {HP}, url = {https://threatresearch.ext.hp.com/tips-for-automating-ioc-extraction-from-gootloader-a-changing-javascript-malware/}, language = {English}, urldate = {2022-05-05} } Tips for Automating IOC Extraction from GootLoader, a Changing JavaScript Malware
GootLoader
2022-02-26MandiantMandiant
@online{mandiant:20220226:trending:a445d4a, author = {Mandiant}, title = {{TRENDING EVIL Q1 2022}}, date = {2022-02-26}, organization = {Mandiant}, url = {https://experience.mandiant.com/trending-evil/p/1}, language = {English}, urldate = {2022-03-14} } TRENDING EVIL Q1 2022
KEYPLUG FAKEUPDATES GootLoader BazarBackdoor QakBot
2021-08-25RiskIQJordan Herman
@online{herman:20210825:eitest:e4c2c31, author = {Jordan Herman}, title = {{EITest: Linkages to the Ongoing Malware Delivery Campaign Referred to as "Gootloader"}}, date = {2021-08-25}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/f5d5ed38}, language = {English}, urldate = {2021-08-30} } EITest: Linkages to the Ongoing Malware Delivery Campaign Referred to as "Gootloader"
GootLoader
2021-08-12SophosGabor Szappanos, Andrew Brandt
@online{szappanos:20210812:gootloaders:84e3100, author = {Gabor Szappanos and Andrew Brandt}, title = {{Gootloader’s “mothership” controls malicious content}}, date = {2021-08-12}, organization = {Sophos}, url = {https://news.sophos.com/en-us/2021/08/12/gootloaders-mothership-controls-malicious-content/}, language = {English}, urldate = {2021-08-25} } Gootloader’s “mothership” controls malicious content
GootLoader
2021-06-16SentinelOneAntonio Pirozzi
@online{pirozzi:20210616:gootloader:b2ba777, author = {Antonio Pirozzi}, title = {{Gootloader: ‘Initial Access as a Service’ Platform Expands Its Search for High Value Targets}}, date = {2021-06-16}, organization = {SentinelOne}, url = {https://labs.sentinelone.com/gootloader-initial-access-as-a-service-platform-expands-its-search-for-high-value-targets/}, language = {English}, urldate = {2021-06-21} } Gootloader: ‘Initial Access as a Service’ Platform Expands Its Search for High Value Targets
GootLoader

There is no Yara-Signature yet.