Overview

overview

10

Static

static

3

370af9bb1e...18.exe

windows7-x64

10

370af9bb1e...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    370af9bb1ec73c9348ca53d9bf28b7cb_JaffaCakes118

  • Size

    189KB

  • Sample

    240511-26k57sdd8s

  • MD5

    370af9bb1ec73c9348ca53d9bf28b7cb

  • SHA1

    44e8c64a1e3a2f7e22c35daffb349b8736247659

  • SHA256

    7166921e37458ba67f1e96a7ed289edf0e6157664f8e8e84767a215c9ecc9cd3

  • SHA512

    c160e94ab54994c432c35509a0ad815dc5edbda7108b543e464c45b095c958d46d0646bc4f9971cae6d1021ffb90de62a6956c189936d6cc6badaf98e4849b2c

  • SSDEEP

    3072:ZZ1EuyleuFqObco92BjB3hkyRQW3BaG3oJYsYrQ14nqWsyPzO0w8Rh5:ZZ13luD9OwiBaGDU0OH8T

Score
10/10
gootkit2862bankerbotnettrojan

Malware Config

Extracted

Family

gootkit

Botnet

2862

C2

roma.simplebutmatters.com

dom.jmitchelldayton.com
Attributes
  • vendor_id

    2862

Targets

    • Target

      370af9bb1ec73c9348ca53d9bf28b7cb_JaffaCakes118

    • Size

      189KB

    • MD5

      370af9bb1ec73c9348ca53d9bf28b7cb

    • SHA1

      44e8c64a1e3a2f7e22c35daffb349b8736247659

    • SHA256

      7166921e37458ba67f1e96a7ed289edf0e6157664f8e8e84767a215c9ecc9cd3

    • SHA512

      c160e94ab54994c432c35509a0ad815dc5edbda7108b543e464c45b095c958d46d0646bc4f9971cae6d1021ffb90de62a6956c189936d6cc6badaf98e4849b2c

    • SSDEEP

      3072:ZZ1EuyleuFqObco92BjB3hkyRQW3BaG3oJYsYrQ14nqWsyPzO0w8Rh5:ZZ13luD9OwiBaGDU0OH8T

    Score
    10/10
    gootkit2862bankerbotnettrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks