gootkit | aa2ebb9abf516d6a530683727d18aea01fab4698d908904fc8e622fec00a8aca | Triage

Sharing

General

Target

aa2ebb9abf516d6a530683727d18aea01fab4698d908904fc8e622fec00a8aca
Size

97KB
Sample

221108-f3lfxacafr
MD5

0912d7f53812a0ab61e0c1001eb107f0
SHA1

a9f1039a88b5ccd210c9dbf227ea23bcb562993d
SHA256

aa2ebb9abf516d6a530683727d18aea01fab4698d908904fc8e622fec00a8aca
SHA512

aa21ee7607c8d928550ef9cd47638f65ecade923629d072fe91bd9a0a6e23853eb585d75917273ef7104e91f2da032db736764d3d1f09124e2bec92332049f7f
SSDEEP

3072:7W+EGGxgfhI/5KOEwvDRRVkT6KsRPKfXE:7NhyuhIBpRRVgsRP2

Score

10^/10

gootkit 1001 banker botnet trojan

Malware Config

Extracted

Family

gootkit

Botnet

1001

C2

pell-talak.com

gudsline.com

Attributes

vendor_id
1001

Targets

- Target
  
  aa2ebb9abf516d6a530683727d18aea01fab4698d908904fc8e622fec00a8aca
- Size
  
  97KB
- MD5
  
  0912d7f53812a0ab61e0c1001eb107f0
- SHA1
  
  a9f1039a88b5ccd210c9dbf227ea23bcb562993d
- SHA256
  
  aa2ebb9abf516d6a530683727d18aea01fab4698d908904fc8e622fec00a8aca
- SHA512
  
  aa21ee7607c8d928550ef9cd47638f65ecade923629d072fe91bd9a0a6e23853eb585d75917273ef7104e91f2da032db736764d3d1f09124e2bec92332049f7f
- SSDEEP
  
  3072:7W+EGGxgfhI/5KOEwvDRRVkT6KsRPKfXE:7NhyuhIBpRRVgsRP2
Score

10^/10

gootkit 1001 banker botnet trojan
- Gootkit
  Gootkit is a banking trojan, where large parts are written in node.JS.
  trojan banker botnet gootkit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gootkit1001bankerbotnettrojan

behavioral2

gootkit1001bankerbotnettrojan