Overview

overview

10

Static

static

11cc671e9c...b9.exe

windows7_x64

10

11cc671e9c...b9.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11cc671e9cb1367e0b1545bd7b3d6e131eb0ad02d9424ae75796bd971fb271b9

  • Size

    252KB

  • Sample

    220603-31prwaacb3

  • MD5

    8852dcdefe156a364d92ae3831477947

  • SHA1

    4f59b5f273c3bcb955467fe7ad259b346d9994cf

  • SHA256

    11cc671e9cb1367e0b1545bd7b3d6e131eb0ad02d9424ae75796bd971fb271b9

  • SHA512

    807c50da656b63a29abd46025bd5041087139c04826a73711268a5ee403ade0a173b6086d75693039bb93e1c7a58deeefedcaa401cd10664fc1e6ba9fd29d66a

Score
10/10
gootkit777bankerbotnettrojan

Malware Config

Extracted

Family

gootkit

Botnet

777

C2

chaabattent.com

kladrykroptur.com

madregobilsg.com

kerymarynicegross.com

pillygreamstronh.com
Attributes
  • vendor_id

    777

Targets

    • Target

      11cc671e9cb1367e0b1545bd7b3d6e131eb0ad02d9424ae75796bd971fb271b9

    • Size

      252KB

    • MD5

      8852dcdefe156a364d92ae3831477947

    • SHA1

      4f59b5f273c3bcb955467fe7ad259b346d9994cf

    • SHA256

      11cc671e9cb1367e0b1545bd7b3d6e131eb0ad02d9424ae75796bd971fb271b9

    • SHA512

      807c50da656b63a29abd46025bd5041087139c04826a73711268a5ee403ade0a173b6086d75693039bb93e1c7a58deeefedcaa401cd10664fc1e6ba9fd29d66a

    Score
    10/10
    gootkit777bankerbotnettrojan

    • Gootkit

      Gootkit is a banking trojan, where large parts are written in node.JS.

      trojanbankerbotnetgootkit

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks