MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3d39b187816419d657ab62b104626596cc53f15427f4dd3f582bc4e8083462d3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

GootLoader

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	3d39b187816419d657ab62b104626596cc53f15427f4dd3f582bc4e8083462d3
SHA3-384 hash:	c566937f81de3490cdfbd0559a0f176343d42a60f662d868e22c409aa17082a2f1a3183fdecf88bee179c2fd46c364f8
SHA1 hash:	681fa26f26a0190bab49a2e86dd94377dce53184
MD5 hash:	55958864c79f11216516beaa9da0a653
humanhash:	blue-robert-asparagus-spring
File name:	Legal_Case_Management_Guide_2025.zip
Download:	download sample
Signature	GootLoader Create hunting rule
File size:	85'189'525 bytes
First seen:	2025-12-23 15:53:31 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	98304:PUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU:m
TLSH	T1B71812F3DC69D828EA70296422582D79D0349839AD43DF1F356578CFA3ECC482346B2E
Magika	zip
Reporter	monitorsg
Tags:	GootLoader zip

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Details

Link:

https://research.acce.ciphertechsolutions.com/results/db67a759-f246-4f33-a649-8226e9741950/

Verdict:

Clean

Score:

99.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=694abb3501c7b4a8fe551242

Tags:

n/a

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/3d39b187816419d657ab62b104626596cc53f15427f4dd3f582bc4e8083462d3

Result

Verdict:

UNKNOWN

Link:

https://labs.inquest.net/dfi/sha256/3d39b187816419d657ab62b104626596cc53f15427f4dd3f582bc4e8083462d3

Verdict:

Unknown

File Type:

zip

Link:

https://opentip.kaspersky.com/3d39b187816419d657ab62b104626596cc53f15427f4dd3f582bc4e8083462d3/results?tab=lookup

Gathering data

Threat name:

Script-JS.Trojan.Gootloader

Status:

Malicious

First seen:

2025-12-23 15:54:25 UTC

File Type:

Binary (Archive)

Extracted files:

AV detection:

2 of 36 (5.56%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=hu43db4bmqm5mv5lmkyqiytfs3gfh4kue72n2p2yfpcoqcbumljq._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/251223-t15zeswqg1/

Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

GootLoader

zip 3d39b187816419d657ab62b104626596cc53f15427f4dd3f582bc4e8083462d3

(this sample)

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample