Overview

overview

10

Static

static

10

c342af6230...a8.exe

windows7_x64

1

c342af6230...a8.exe

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c342af62302936720e52679bc431d5a8

  • Size

    156KB

  • Sample

    210204-qls95ztjm6

  • MD5

    c342af62302936720e52679bc431d5a8

  • SHA1

    799f21d34bcd5c417337207aecf1d85e5da72879

  • SHA256

    2178eda7504a62c0451e35bf26f56c4f699940f359efc0b82dc662f964144415

  • SHA512

    91f13eaac3f86bf957da25a21ae524f80056ffbea45247fed45651f50ab2dd706161694e76a46fef70e11befa2beb3d5c603f74d8ed482f5e60bc7da238b16ec

Score
10/10
gootkit2700

Malware Config

Extracted

Family

gootkit

Botnet

2700

C2

me.sunballast.fr

koohy.top
Attributes
  • vendor_id

    2700

Targets

    • Target

      c342af62302936720e52679bc431d5a8

    • Size

      156KB

    • MD5

      c342af62302936720e52679bc431d5a8

    • SHA1

      799f21d34bcd5c417337207aecf1d85e5da72879

    • SHA256

      2178eda7504a62c0451e35bf26f56c4f699940f359efc0b82dc662f964144415

    • SHA512

      91f13eaac3f86bf957da25a21ae524f80056ffbea45247fed45651f50ab2dd706161694e76a46fef70e11befa2beb3d5c603f74d8ed482f5e60bc7da238b16ec

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks