General
-
Target
370af9bb1ec73c9348ca53d9bf28b7cb_JaffaCakes118
-
Size
189KB
-
Sample
240511-26k57sdd8s
-
MD5
370af9bb1ec73c9348ca53d9bf28b7cb
-
SHA1
44e8c64a1e3a2f7e22c35daffb349b8736247659
-
SHA256
7166921e37458ba67f1e96a7ed289edf0e6157664f8e8e84767a215c9ecc9cd3
-
SHA512
c160e94ab54994c432c35509a0ad815dc5edbda7108b543e464c45b095c958d46d0646bc4f9971cae6d1021ffb90de62a6956c189936d6cc6badaf98e4849b2c
-
SSDEEP
3072:ZZ1EuyleuFqObco92BjB3hkyRQW3BaG3oJYsYrQ14nqWsyPzO0w8Rh5:ZZ13luD9OwiBaGDU0OH8T
Malware Config
Extracted
gootkit
2862
roma.simplebutmatters.com
dom.jmitchelldayton.com
-
vendor_id
2862
Targets
-
-
Target
370af9bb1ec73c9348ca53d9bf28b7cb_JaffaCakes118
-
Size
189KB
-
MD5
370af9bb1ec73c9348ca53d9bf28b7cb
-
SHA1
44e8c64a1e3a2f7e22c35daffb349b8736247659
-
SHA256
7166921e37458ba67f1e96a7ed289edf0e6157664f8e8e84767a215c9ecc9cd3
-
SHA512
c160e94ab54994c432c35509a0ad815dc5edbda7108b543e464c45b095c958d46d0646bc4f9971cae6d1021ffb90de62a6956c189936d6cc6badaf98e4849b2c
-
SSDEEP
3072:ZZ1EuyleuFqObco92BjB3hkyRQW3BaG3oJYsYrQ14nqWsyPzO0w8Rh5:ZZ13luD9OwiBaGDU0OH8T
Score10/10-
Gootkit
Gootkit is a banking trojan, where large parts are written in node.JS.
-