MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9b2b9e919208b2a601565e3fb9f358c551536c08b7ca733cdcd0b0bde37a7688. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


GootLoader


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 9b2b9e919208b2a601565e3fb9f358c551536c08b7ca733cdcd0b0bde37a7688
SHA3-384 hash: a644de648ed266e715d3a301a6018804c40e1184a28942bfdd85f747bb91de2e0c07612da79ff843089ad84cbc7348e2
SHA1 hash: 168656d72016ce37aa1bd48a279e9c2a10b80385
MD5 hash: 23938a5f1a8d0740d7c84ade1ad886a2
humanhash: delaware-triple-glucose-iowa
File name:Legal_Case_Management_Guide_2025.zip
Download: download sample
Signature GootLoader
Create hunting rule
File size:80'978'728 bytes
First seen:2025-12-30 17:15:30 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 98304:zVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVb:r
TLSH T1120802AA63A1D8ED45151C70B725245975C938ECF2E3F33C582656DCE7982BB2B0A333
Magika zip
Reporter monitorsg
Tags:GootLoader zip

Intelligence

File Origin
# of uploads :
1
# of downloads :
38
Origin country :
US US
Vendor Threat Intelligence
Details
Link:
https://research.acce.ciphertechsolutions.com/results/ce2438f5-b2a0-4481-8653-be319d25044d/
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=695408e97d915bf1778f0adc
Tags:
n/a
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/9b2b9e919208b2a601565e3fb9f358c551536c08b7ca733cdcd0b0bde37a7688
Result
Verdict:
UNKNOWN
Link:
https://labs.inquest.net/dfi/sha256/9b2b9e919208b2a601565e3fb9f358c551536c08b7ca733cdcd0b0bde37a7688
Verdict:
Unknown
File Type:
zip
Link:
https://opentip.kaspersky.com/9b2b9e919208b2a601565e3fb9f358c551536c08b7ca733cdcd0b0bde37a7688/results?tab=lookup
Gathering data
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=tmvz5emsbczkmakwly73t42yyvivg3aiw7fhgpg42cyl3y32o2ea._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

GootLoader

zip 9b2b9e919208b2a601565e3fb9f358c551536c08b7ca733cdcd0b0bde37a7688

(this sample)

  
Delivery method
Distributed via web download

Comments