Is Gootloader Working with a Foreign Intelligence Service
Common Information
Type Value
UUID 17ff8172-3813-47b7-a969-6d975222bf70
Fingerprint 869c1af0a81a90b99e1c4dc1229332d7f0821015f6405ccf0b853277790ff26c
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 22, 2022, 12:19 p.m.
Added to db March 11, 2024, 7:04 p.m.
Last updated Aug. 31, 2024, 2:02 a.m.
Headline Is Gootloader Working with a Foreign Intelligence Service
Title Is Gootloader Working with a Foreign Intelligence Service
Detected Hints/Tags/Attributes 133/4/40
Attributes
Type | #Events | CTI Value
Deepwatch Threat Intel - Threat Activity Cluster | 2 | TAC-011
Domain | 24 | www.deepwatch.com
Domain | 1 | blog.sportrecs.com
Domain | 1 | sportrecs.com
Domain | 1 | mooscle.com
Domain | 1 | ruvod.com
Domain | 1 | rochias.com
Domain | 372 | wscript.shell
Domain | 2 | iserverxmlhttprequest2.open
Domain | 1 | www.lovlr.com
Domain | 1 | www.lukeamiller.net
Domain | 1 | www.luckies.cc
Domain | 45 | company.com
Domain | 1 | ovlr.com
Domain | 1 | lukeamiller.net
Domain | 1 | luckies.cc
Domain | 1 | macromixenlinea.com
Domain | 1 | quickprint.nl
Domain | 1 | probis.com.pl
Domain | 1 | psychanalyste-toulouse.fr
Domain | 1 | porconocer.com
Domain | 1 | proficomarket.com.ua
Domain | 1 | psychotherapie-schmitt.de
Domain | 1 | rohmert-medien.de
Domain | 1 | rockharz-festival.com
File | 98 | download.php
File | 55 | test.php
sha256 | 1 | 6f270ae10c3ce4ddfb06c0d847ccf805249d9e641112665b6d6a7afacb51c72e
sha256 | 2 | 891b849997f783ce6e6c8720b4bd07f169b2eac4cbc11b78cfadd62ea5c9442c
IPv4 | 1 | 188.246.233.180
MITRE ATT&CK Techniques | 183 | T1189
MITRE ATT&CK Techniques | 15 | T1584.001
MITRE ATT&CK Techniques | 93 | T1059.007
MITRE ATT&CK Techniques | 106 | T1204.001
MITRE ATT&CK Techniques | 494 | T1105
MITRE ATT&CK Techniques | 630 | T1027
MITRE ATT&CK Techniques | 96 | T1587.001
Url | 1 | https://www.lovlr.com/test.php?ddnmo
Url | 1 | https://www.lukeamiller.net/test
Url | 1 | https://www.luckies.cc/test.php?ddn