Overview

overview

10

Static

static

43509f678c...5d.exe

windows7_x64

10

43509f678c...5d.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    43509f678cd6d6f3ea2d6a8fb86ffbd7b7bca5ee8d4a14be763770769417de5d

  • Size

    97KB

  • Sample

    220707-3am6csaaf9

  • MD5

    3be315046348568a36b8976f64ce7297

  • SHA1

    96f95f161f01926928dec5560a5a1c5094e4e6a2

  • SHA256

    43509f678cd6d6f3ea2d6a8fb86ffbd7b7bca5ee8d4a14be763770769417de5d

  • SHA512

    d5857f4aa8ddf34334de82f182065a1cb80fc0f17d75620a3677aa6225b3024cf1472fab23ac8f88b0096336dd0845bdfe36270c49ade99d124585a133b5f74a

Score
10/10
gootkit1001bankerbotnetsuricatatrojan

Malware Config

Extracted

Family

gootkit

Botnet

1001

C2

pell-talak.com

gudsline.com
Attributes
  • vendor_id

    1001

Targets

    • Target

      43509f678cd6d6f3ea2d6a8fb86ffbd7b7bca5ee8d4a14be763770769417de5d

    • Size

      97KB

    • MD5

      3be315046348568a36b8976f64ce7297

    • SHA1

      96f95f161f01926928dec5560a5a1c5094e4e6a2

    • SHA256

      43509f678cd6d6f3ea2d6a8fb86ffbd7b7bca5ee8d4a14be763770769417de5d

    • SHA512

      d5857f4aa8ddf34334de82f182065a1cb80fc0f17d75620a3677aa6225b3024cf1472fab23ac8f88b0096336dd0845bdfe36270c49ade99d124585a133b5f74a

    Score
    10/10
    gootkit1001bankerbotnetsuricatatrojan

    • Gootkit

      Gootkit is a banking trojan, where large parts are written in node.JS.

      trojanbankerbotnetgootkit

    • suricata: ET MALWARE ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2)

      suricata: ET MALWARE ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2)

      suricata
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks