gootkit | 2178eda7504a62c0451e35bf26f56c4f699940f359efc0b82dc662f964144415 | Triage

Sharing

General

Target

c342af62302936720e52679bc431d5a8
Size

156KB
Sample

210204-qls95ztjm6
MD5

c342af62302936720e52679bc431d5a8
SHA1

799f21d34bcd5c417337207aecf1d85e5da72879
SHA256

2178eda7504a62c0451e35bf26f56c4f699940f359efc0b82dc662f964144415
SHA512

91f13eaac3f86bf957da25a21ae524f80056ffbea45247fed45651f50ab2dd706161694e76a46fef70e11befa2beb3d5c603f74d8ed482f5e60bc7da238b16ec

Score

10^/10

gootkit 2700

Malware Config

Extracted

Family

gootkit

Botnet

2700

C2

me.sunballast.fr

koohy.top

Attributes

vendor_id
2700

Targets

- Target
  
  c342af62302936720e52679bc431d5a8
- Size
  
  156KB
- MD5
  
  c342af62302936720e52679bc431d5a8
- SHA1
  
  799f21d34bcd5c417337207aecf1d85e5da72879
- SHA256
  
  2178eda7504a62c0451e35bf26f56c4f699940f359efc0b82dc662f964144415
- SHA512
  
  91f13eaac3f86bf957da25a21ae524f80056ffbea45247fed45651f50ab2dd706161694e76a46fef70e11befa2beb3d5c603f74d8ed482f5e60bc7da238b16ec
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2