General
-
Target
087b9f549d23316dc43dd3f6b2280fdfde113bc457b785066f8657115a7ef555
-
Size
264KB
-
Sample
220530-1npj8sgcek
-
MD5
af0b810ee30058e5cea264fed2a15f05
-
SHA1
7aae8004f0042d3c4d250ace81053dbc3e31fecf
-
SHA256
087b9f549d23316dc43dd3f6b2280fdfde113bc457b785066f8657115a7ef555
-
SHA512
56b7da6973995c0e007ce78f62c5a45db54f8448ff7f0af6fcebe1a5f63c5d30b6864b7d0ae5c940f0db1d12c7363d87037a2b166caf51bc9b32175a95072710
Malware Config
Extracted
gootkit
410
parking.dynophyl.com
parked.dynonortheast.com
trktrk.eu
smeinsurances.co.uk
-
vendor_id
410
Targets
-
-
Target
087b9f549d23316dc43dd3f6b2280fdfde113bc457b785066f8657115a7ef555
-
Size
264KB
-
MD5
af0b810ee30058e5cea264fed2a15f05
-
SHA1
7aae8004f0042d3c4d250ace81053dbc3e31fecf
-
SHA256
087b9f549d23316dc43dd3f6b2280fdfde113bc457b785066f8657115a7ef555
-
SHA512
56b7da6973995c0e007ce78f62c5a45db54f8448ff7f0af6fcebe1a5f63c5d30b6864b7d0ae5c940f0db1d12c7363d87037a2b166caf51bc9b32175a95072710
Score10/10-
Gootkit
Gootkit is a banking trojan, where large parts are written in node.JS.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Deletes itself
-