Huntress has published an article about Gootloader with an absolutely ridiculous amount of IoCs to hunt for, beyond an already excellent technical deep dive.
https://www.huntress.com/blog/gootloader-threat-detection-woff2-obfuscation
Raising the bar?