General
-
Target
51c54ed3a0a1fd2576cecf974d189043f42355c1c97ba761d88a0885e732f4f1
-
Size
268KB
-
Sample
220717-ssy1gaebam
-
MD5
191e32c98a540b72ebddf3dfbb3436a4
-
SHA1
f812053fbb4dd3bb776b70b88a3bc494de7f9177
-
SHA256
51c54ed3a0a1fd2576cecf974d189043f42355c1c97ba761d88a0885e732f4f1
-
SHA512
971c569e0389d9bd356200e3b1a9c8a644d5c09998108b9decf188c67143406850e58f64ba89c5be2fb307754050e997176352ebbd44ee51e81493075363f7fb
Malware Config
Extracted
gootkit
2410
clean.eco2plastic.com
ecos.eco2environmental.biz
trkajtools.com
quoteszones.com
mobileinstore.co.uk
-
vendor_id
2410
Targets
-
-
Target
51c54ed3a0a1fd2576cecf974d189043f42355c1c97ba761d88a0885e732f4f1
-
Size
268KB
-
MD5
191e32c98a540b72ebddf3dfbb3436a4
-
SHA1
f812053fbb4dd3bb776b70b88a3bc494de7f9177
-
SHA256
51c54ed3a0a1fd2576cecf974d189043f42355c1c97ba761d88a0885e732f4f1
-
SHA512
971c569e0389d9bd356200e3b1a9c8a644d5c09998108b9decf188c67143406850e58f64ba89c5be2fb307754050e997176352ebbd44ee51e81493075363f7fb
Score10/10-
Gootkit
Gootkit is a banking trojan, where large parts are written in node.JS.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Deletes itself
-