Details
Malware Family Bozok
Date Added Feb. 1, 2016, 9:47 p.m.
MD5 4a17d075b984ea8163c3accdbf204eb0
Sha256 1a0b848d34445729561191200c045b951a1047aef0bd1b5a922d1cc5685ffe83
Config Sections
Domain khh6228.ddns.net*
InstallName svchost.exe
Visible Flag 0
Extension ext.dat
Port 6228
Startup Flag 1
Mutex dkl3B17cofnpO
StartupName qweasd
ServerID Beaver
Password mypass
Unknown Flag1 0
Install Flag 1
Unknown Flag3 0
Unknown Flag2 0
VirusTotal

40 out of 54 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
khh6228.ddns.net 112.156.0.141 KR
Yara Rules