Details
Malware Family: Bozok
Date Added: March 23, 2015, 8:29 p.m.
MD5: d6318c3b7067b0b7efbc325e2639e6f0
SHA256: 391a9c29a091ba58a1e7b7b77e83da7facfa131b4bec5441ef33a99ae94e4a75
Config Sections
Domain: trg221.no-ip.org*
InstallName: notepad.exe
Visible Flag: 0
Extension: ext.dat
Port: 1515
Startup Flag: 1
Mutex: ZKm8HJSTBicj2
StartupName: publickhk
ServerID: TestServer
Password: mypass
Unknown Flag1: 0
Install Flag: 1
Unknown Flag3: 0
Unknown Flag2: 1
VirusTotal

23 out of 47 AV engines identified the sample as malicious.

Domain Data
Domain | IP | Country Code
trg221.no-ip.org | 121.164.194.7 | KR