General

  • Target

    d5ba0f1c01cf12f57cca93996d2f87191c9420afbbd116d3757060d780338d29

  • Size

    285KB

  • Sample

    220219-zyzmhsdbh2

  • MD5

    c25b6469a89826074b513d45b76c4c6a

  • SHA1

    cd13f2ee1af78f3f48edb595fc90358415e5ebe1

  • SHA256

    d5ba0f1c01cf12f57cca93996d2f87191c9420afbbd116d3757060d780338d29

  • SHA512

    a9314292c946ad2c63165f241ab4bc3dbb5626b14b7fb5d6606dbf8d789040a50e7eb5777721568fbc32bed4d0a4e815dd423096a92026c319d4d96dcc3fc5f7

Malware Config

Extracted

Family

gootkit

Botnet

6546

C2

servicemanager.icu

partnerservice.xyz

Attributes
  • vendor_id

    6546

Targets

    • Gootkit

      Gootkit is a banking trojan, large parts of which are written in Node.js.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

MITRE ATT&CK Enterprise v6

Tasks