gootkit | 9a26a377fca1adb607e791aed3e467c8a898a4876f01b1fbe412fd4a29cdeb21 | Triage

Sharing

General

Target

9a26a377fca1adb607e791aed3e467c8a898a4876f01b1fbe412fd4a29cdeb21
Size

157KB
Sample

210616-dd2y2syv22
MD5

01c98248a2c992a370117359c1cf3bd7
SHA1

b707c6aa87b8c8aa013b584bccc396283fd7f285
SHA256

9a26a377fca1adb607e791aed3e467c8a898a4876f01b1fbe412fd4a29cdeb21
SHA512

c34ba409d38c706cc85ea57e8337e2382407ab16876dea76eb6c6b5befb018c2333803ac443cc88c47623fd3f796879f1f53243ecdee13d66b1e138615cf0809

Score

10^/10

gootkit 2856

Malware Config

Extracted

Family

gootkit

Botnet

2856

C2

it.its1ofakind.net

zgzimtkwotm2.top

Attributes

vendor_id
2856

Targets

- Target
  
  9a26a377fca1adb607e791aed3e467c8a898a4876f01b1fbe412fd4a29cdeb21
- Size
  
  157KB
- MD5
  
  01c98248a2c992a370117359c1cf3bd7
- SHA1
  
  b707c6aa87b8c8aa013b584bccc396283fd7f285
- SHA256
  
  9a26a377fca1adb607e791aed3e467c8a898a4876f01b1fbe412fd4a29cdeb21
- SHA512
  
  c34ba409d38c706cc85ea57e8337e2382407ab16876dea76eb6c6b5befb018c2333803ac443cc88c47623fd3f796879f1f53243ecdee13d66b1e138615cf0809
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2