MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9a5409c52b1a4e878ca28c9b1e6292f3bdca1b01f1d98c93ee1c2eab12860799. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


GootLoader


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 9a5409c52b1a4e878ca28c9b1e6292f3bdca1b01f1d98c93ee1c2eab12860799
SHA3-384 hash: 1438ad4a6bdbfe3b36d7badca2852d27b220dec99f413e310c6467b8025d66eba24fec6e82735f9b3475fba12c3d86d1
SHA1 hash: 18cc8bcf7b970fd7f3438bf5c56fadb0e0d0808f
MD5 hash: 330f1523e3671a70684f4f4044ade97f
humanhash: wyoming-ceiling-harry-louisiana
File name:Legal_Case_Management_Guide_2025.zip
Download: download sample
Signature GootLoader
Create hunting rule
File size:97'610'040 bytes
First seen:2025-12-29 21:00:40 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 786432:3777777777777777777777777777777777777777777777777777777777777773:P
TLSH T14A2812A61370F687EA5C1D3E53DDF2A063A4250EC58FD3975E84CCC8926EEE0750AE84
Magika zip
Reporter monitorsg
Tags:GootLoader zip

Intelligence

File Origin
# of uploads :
1
# of downloads :
39
Origin country :
US US
Vendor Threat Intelligence
Details
Link:
https://research.acce.ciphertechsolutions.com/results/8d264a94-f7de-47ab-aa6f-8b4ed2154427/
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6952ec3d7d915bf1778ec9b4
Tags:
n/a
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/9a5409c52b1a4e878ca28c9b1e6292f3bdca1b01f1d98c93ee1c2eab12860799
Result
Verdict:
UNKNOWN
Link:
https://labs.inquest.net/dfi/sha256/9a5409c52b1a4e878ca28c9b1e6292f3bdca1b01f1d98c93ee1c2eab12860799
Verdict:
Unknown
File Type:
zip
Link:
https://opentip.kaspersky.com/9a5409c52b1a4e878ca28c9b1e6292f3bdca1b01f1d98c93ee1c2eab12860799/results?tab=lookup
Gathering data
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=tjkatrjldjhipdfcrsnr4yus6o64ugyb6hmyze7odqxkweuga6mq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

GootLoader

zip 9a5409c52b1a4e878ca28c9b1e6292f3bdca1b01f1d98c93ee1c2eab12860799

(this sample)

  
Delivery method
Distributed via web download

Comments