Details
Malware Family Bozok
Date Added Jan. 16, 2016, 3 a.m.
MD5 29710144dc972801af8610f5b5d1f9ca
Sha256 3862dd4fa24e927bdbf50e0029bf5ca2476c92c5ee0ffd838e2b511bf00b7c85
Config Sections
Domain kyr527.codns.com*
InstallName qwe.exe
Visible Flag 0
Extension ext.dat
Port 1515
Startup Flag 0
Mutex awkgo3H1Z2lyT
StartupName
ServerID TestServer
Password 1234
Unknown Flag1 1
Install Flag 1
Unknown Flag3 1
Unknown Flag2 0
VirusTotal

46 out of 56 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
kyr527.codns.com 127.0.0.1 0
Geo Location
Yara Rules