Details
Malware Family Bozok
Date Added Dec. 2, 2016, 6:25 a.m.
MD5 bef8e220a43cf1f166db1a518e673cba
Sha256 f0876c4d8b15ac0f734e1b1c552819731515f14544fa02b5ac94579c28e263f6
Robot Robots lovingly delivered by robohash.org
Config Sections
Domain blockerxxx.no-ip.org*
InstallName Whatsapp Mesaj Okuma v3.exe
Visible Flag 0
Extension Whatsapp Mesaj Okuma v3.exe
Port 1515
Startup Flag 1
Mutex O37CLe8kFN6Qi
StartupName Whatsapp Mesaj Okuma v3.exe
ServerID Admin
Password 12345
Unknown Flag1 0
Install Flag 1
Unknown Flag3 0
Unknown Flag2 0
Advertising
VirusTotal

46 out of 55 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
blockerxxx.no-ip.org 0
Geo Location
Yara Rules
Comments
comments powered by Disqus