gootkit | 7a890a283feb9481f3ac02270b8dbb2f28fd734cc6074332fe9ef443b02c8aff | Triage

Sharing

General

Target

956bf1e9f894c0ec5e25bcb7d02273d968620fef9916428760e1feb579b23a42_nocheck
Size

157KB
Sample

210906-rk974abbg9
MD5

a665ab97bfef87862973bde1bf003a64
SHA1

9be4bde1b4d9c627248f6e23335304f63bbb4cf0
SHA256

7a890a283feb9481f3ac02270b8dbb2f28fd734cc6074332fe9ef443b02c8aff
SHA512

ab43827f6fcd17689108020a1908a2818e4753dcee2209d401fc056f29549abec7e8dfca1eff6bff4987427b002b868ca1e04b9a8c47280304a502fdb7ddff2d

Score

10^/10

gootkit 2860

Malware Config

Extracted

Family

gootkit

Botnet

2860

C2

adp.reevesandcompany.com

picturecrafting.site

Attributes

vendor_id
2860

Targets

- Target
  
  956bf1e9f894c0ec5e25bcb7d02273d968620fef9916428760e1feb579b23a42_nocheck
- Size
  
  157KB
- MD5
  
  a665ab97bfef87862973bde1bf003a64
- SHA1
  
  9be4bde1b4d9c627248f6e23335304f63bbb4cf0
- SHA256
  
  7a890a283feb9481f3ac02270b8dbb2f28fd734cc6074332fe9ef443b02c8aff
- SHA512
  
  ab43827f6fcd17689108020a1908a2818e4753dcee2209d401fc056f29549abec7e8dfca1eff6bff4987427b002b868ca1e04b9a8c47280304a502fdb7ddff2d
Score

1^/10
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1