Extracted

• • Target

    2d023b31befef307e418f35dccac149540e9b821ccef1630b38fad4773e0b9c3

  • Size

    284KB

  • MD5

    decf1fbb274d5e4b50ea860d06e8f663

  • SHA1

    35b77da31d99efe2fe70d50bca795a02c9d78641

  • SHA256

    2d023b31befef307e418f35dccac149540e9b821ccef1630b38fad4773e0b9c3

  • SHA512

    79e59b17485ca76064314203c2d14744599ce720ae4357457679660c91c832b731f58a1dc7e999d213dc9034b171352c9e0ebc911328e087788b84d845180507

  Score

  10^/10

  gootkit1002bankerbotnettrojan

  • Gootkit

    Gootkit is a banking trojan, where large parts are written in node.JS.

    trojanbankerbotnetgootkit

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  behavioral1behavioral2