Details
Malware Family Bozok
Date Added Feb. 1, 2016, 9:47 p.m.
MD5 0c74818382add22b5cd14135b6ed4305
Sha256 5d27ef6d23f5473f4364675638add27773d8be889a259ef1ef687c1dc4cacff5
Config Sections
Domain khh6228.ddns.net*
InstallName svchost.exe
Visible Flag 0
Extension ext.dat
Port 6228
Startup Flag 1
Mutex XBVvZrhz1naWG
StartupName asdasd
ServerID MDSV
Password mypass
Unknown Flag1 0
Install Flag 1
Unknown Flag3 0
Unknown Flag2 0
VirusTotal

44 out of 55 AVs identified the sample as malicious

Domain Data
Domain IP Country Code
khh6228.ddns.net 112.156.0.141 KR