General
-
Target
4b507c772a51849ca0959c05bdd8733d41adaa55fb13d2c7e0419ad1f5418f3f
-
Size
254KB
-
Sample
220712-mebecsdhdq
-
MD5
dcb6c44e6a850f0e4444a3bd8e4249c5
-
SHA1
0c54b4afe4c6670bec75a4fa8230015bda4f159a
-
SHA256
4b507c772a51849ca0959c05bdd8733d41adaa55fb13d2c7e0419ad1f5418f3f
-
SHA512
b6e4dfc3205c867c5dfbbfb9a8f5a95bbb28b243f1351c1658aab3357005915938e5f62a70d5f8273f5b9a62f0216ea0e35b9a5dc68a6b03cbdf53882960bdb7
Malware Config
Extracted
gootkit
777
madregobilsg.com
kerymarynicegross.com
pillygreamstronh.com
charnchiumbong.com
kiwimujirahdron.com
-
vendor_id
777
Targets
-
-
Target
4b507c772a51849ca0959c05bdd8733d41adaa55fb13d2c7e0419ad1f5418f3f
-
Size
254KB
-
MD5
dcb6c44e6a850f0e4444a3bd8e4249c5
-
SHA1
0c54b4afe4c6670bec75a4fa8230015bda4f159a
-
SHA256
4b507c772a51849ca0959c05bdd8733d41adaa55fb13d2c7e0419ad1f5418f3f
-
SHA512
b6e4dfc3205c867c5dfbbfb9a8f5a95bbb28b243f1351c1658aab3357005915938e5f62a70d5f8273f5b9a62f0216ea0e35b9a5dc68a6b03cbdf53882960bdb7
Score10/10-
Gootkit
Gootkit is a banking trojan, where large parts are written in node.JS.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-