General
-
Target
5982fb0c9e888cd3be9cfdf7a2b620122d99af6414efdb115ddaa61d5c1981b1
-
Size
52KB
-
Sample
220625-gasj7aacc3
-
MD5
8b2457a9e2e924c107838eef31fa8723
-
SHA1
74f533e3609e12f13338a38c4c3784612601b8b0
-
SHA256
5982fb0c9e888cd3be9cfdf7a2b620122d99af6414efdb115ddaa61d5c1981b1
-
SHA512
ba668dc45ab7c53b4606d126929111b3e54c5cf59a1ebba7b00106c8d36caa027a9c4bb27d83e6f8caefd9474a9e204b149669d16bab8d2de7f8ed75dab21ce2
Malware Config
Extracted
gootkit
4
ewerwelk.net
neperalani.com
-
vendor_id
4
Targets
-
-
Target
5982fb0c9e888cd3be9cfdf7a2b620122d99af6414efdb115ddaa61d5c1981b1
-
Size
52KB
-
MD5
8b2457a9e2e924c107838eef31fa8723
-
SHA1
74f533e3609e12f13338a38c4c3784612601b8b0
-
SHA256
5982fb0c9e888cd3be9cfdf7a2b620122d99af6414efdb115ddaa61d5c1981b1
-
SHA512
ba668dc45ab7c53b4606d126929111b3e54c5cf59a1ebba7b00106c8d36caa027a9c4bb27d83e6f8caefd9474a9e204b149669d16bab8d2de7f8ed75dab21ce2
Score10/10-
Gootkit
Gootkit is a banking trojan, where large parts are written in node.JS.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-