Overview

overview

10

Static

static

4b507c772a...3f.exe

windows7_x64

10

4b507c772a...3f.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4b507c772a51849ca0959c05bdd8733d41adaa55fb13d2c7e0419ad1f5418f3f

  • Size

    254KB

  • Sample

    220712-mebecsdhdq

  • MD5

    dcb6c44e6a850f0e4444a3bd8e4249c5

  • SHA1

    0c54b4afe4c6670bec75a4fa8230015bda4f159a

  • SHA256

    4b507c772a51849ca0959c05bdd8733d41adaa55fb13d2c7e0419ad1f5418f3f

  • SHA512

    b6e4dfc3205c867c5dfbbfb9a8f5a95bbb28b243f1351c1658aab3357005915938e5f62a70d5f8273f5b9a62f0216ea0e35b9a5dc68a6b03cbdf53882960bdb7

Score
10/10
gootkit777bankerbotnettrojan

Malware Config

Extracted

Family

gootkit

Botnet

777

C2

madregobilsg.com

kerymarynicegross.com

pillygreamstronh.com

charnchiumbong.com

kiwimujirahdron.com
Attributes
  • vendor_id

    777

Targets

    • Target

      4b507c772a51849ca0959c05bdd8733d41adaa55fb13d2c7e0419ad1f5418f3f

    • Size

      254KB

    • MD5

      dcb6c44e6a850f0e4444a3bd8e4249c5

    • SHA1

      0c54b4afe4c6670bec75a4fa8230015bda4f159a

    • SHA256

      4b507c772a51849ca0959c05bdd8733d41adaa55fb13d2c7e0419ad1f5418f3f

    • SHA512

      b6e4dfc3205c867c5dfbbfb9a8f5a95bbb28b243f1351c1658aab3357005915938e5f62a70d5f8273f5b9a62f0216ea0e35b9a5dc68a6b03cbdf53882960bdb7

    Score
    10/10
    gootkit777bankerbotnettrojan

    • Gootkit

      Gootkit is a banking trojan, where large parts are written in node.JS.

      trojanbankerbotnetgootkit

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks