gootkit | b264f7ef3b25b411f123a7c30c9c06a69632e45ab6e31eaec92f2975c63345f9 | Triage

Sharing

General

Target

b264f7ef3b25b411f123a7c30c9c06a69632e45ab6e31eaec92f2975c63345f9
Size

154KB
Sample

210615-51n8119mha
MD5

9231b4b9928daee89b5e510c07263960
SHA1

21cb38c8b351fbc99a6dda2109d2647d91009788
SHA256

b264f7ef3b25b411f123a7c30c9c06a69632e45ab6e31eaec92f2975c63345f9
SHA512

7919201424fb5b8c72f3d718382164000536bbc82f7f9b209d98ce776439ef408156ec073632abae3afbb982384684812dd62acc1f2b8202ad0321ee09717e8c

Score

10^/10

gootkit 3030

Malware Config

Extracted

Family

gootkit

Botnet

3030

C2

wws.fourfiftyonestudios.com

pro.bridgerlawfirm.com

ogy5mtewod.top

Attributes

vendor_id
3030

Targets

- Target
  
  b264f7ef3b25b411f123a7c30c9c06a69632e45ab6e31eaec92f2975c63345f9
- Size
  
  154KB
- MD5
  
  9231b4b9928daee89b5e510c07263960
- SHA1
  
  21cb38c8b351fbc99a6dda2109d2647d91009788
- SHA256
  
  b264f7ef3b25b411f123a7c30c9c06a69632e45ab6e31eaec92f2975c63345f9
- SHA512
  
  7919201424fb5b8c72f3d718382164000536bbc82f7f9b209d98ce776439ef408156ec073632abae3afbb982384684812dd62acc1f2b8202ad0321ee09717e8c
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2