MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2e46b1a79a8d8fc7366f9c264b46108dd49b3eb2f4744a19769ca72090f8598a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GootLoader


Vendor detections: 4



SHA256 hash: 2e46b1a79a8d8fc7366f9c264b46108dd49b3eb2f4744a19769ca72090f8598a
SHA3-384 hash: 20d4e6ca6967af6d325168cde28aa44b69dbdfb62ecd386cc92ca40ce12de1da7cfe9e5fde9e652786ea241187cc9bc0
SHA1 hash: 188d516a704e81481865b899b44b55b771d9c681
MD5 hash: ed3e917ce73dbdc4e64cddcfe1b40069
humanhash: carolina-kitten-bacon-summer
File name: Legal_Case_Management_Guide_2025.zip
Signature: GootLoader
File size: 64'864'953 bytes
First seen: 2025-12-30 19:00:30 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 1572864:n333333333333333333333333333333333333333333333333333333333333333:3
TLSH: T1D1E712A8A8B1275761EB7FFAC7C53FE32A270014B10BC61C0D83625D4EB6D15522ADBD
Magika: unknown
Reporter: monitorsg
Tags: GootLoader zip

Intelligence


File Origin
# of uploads: 1
# of downloads: 39
Origin country: US

Vendor Threat Intelligence
Threat name: Win32.Trojan.Minerva
Status: Malicious
First seen: 2025-12-30 19:01:33 UTC
File Type: Binary (Archive)
Extracted files: 3
AV detection: 3 of 24 (12.50%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

GootLoader

zip 2e46b1a79a8d8fc7366f9c264b46108dd49b3eb2f4744a19769ca72090f8598a

(this sample)

  
Delivery method: Distributed via web download

Comments