Overview

overview

10

Static

static

8c338feff1...7d.exe

windows7-x64

10

8c338feff1...7d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8c338feff17e2893d8ef36b0477d6b8e44c6146d4223e0013c99f89a01116a7d

  • Size

    249KB

  • Sample

    220731-h12ffsfabr

  • MD5

    de55f92fcc38046896677011e9a4fc2c

  • SHA1

    1e5d3815b41cc57d7315126cdff526f3ca8c4bbe

  • SHA256

    8c338feff17e2893d8ef36b0477d6b8e44c6146d4223e0013c99f89a01116a7d

  • SHA512

    816840838360389cfde7b634cb61206a1b6480f3165050b4faa1f8bf2d99efc7790e201f10f56963e8de4df80c7c6c9ef701c7c1628e4ddc740732537f0ce555

Score
10/10
gootkit777bankerbotnettrojan

Malware Config

Extracted

Family

gootkit

Botnet

777

C2

chaabattent.com

kladrykroptur.com

madregobilsg.com

kerymarynicegross.com

pillygreamstronh.com
Attributes
  • vendor_id

    777

Targets

    • Target

      8c338feff17e2893d8ef36b0477d6b8e44c6146d4223e0013c99f89a01116a7d

    • Size

      249KB

    • MD5

      de55f92fcc38046896677011e9a4fc2c

    • SHA1

      1e5d3815b41cc57d7315126cdff526f3ca8c4bbe

    • SHA256

      8c338feff17e2893d8ef36b0477d6b8e44c6146d4223e0013c99f89a01116a7d

    • SHA512

      816840838360389cfde7b634cb61206a1b6480f3165050b4faa1f8bf2d99efc7790e201f10f56963e8de4df80c7c6c9ef701c7c1628e4ddc740732537f0ce555

    Score
    10/10
    gootkit777bankerbotnettrojan

    • Gootkit

      Gootkit is a banking trojan, where large parts are written in node.JS.

      trojanbankerbotnetgootkit

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks