GootKit
GootKit GootLoader. RIBA UK construction SEO poisoning. JS obfuscation. Stanford dead drop.
Threat Profile
Type
Backdoor
Programming Language
C++
C2 Protocol
HTTPS .su
First Seen
2010
Targets
Global/UK
Purpose / Capabilities
- Banking/Web Inject
C2 Servers (1)
| Address | Port | Protocol | Status |
|---|---|---|---|
| shinezv.su | 443 | HTTPS | INACTIVE |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (2)
GootKit2 -- Riba_domestic_building_contract UK Construction Sector SEO Lure, answerw Obfuscated JS Payload, Stanford + astron-soc.in | Critical
GootKit2 144KB JS file. Riba_domestic_building_contract_free UK construction sector SEO poisoning. answerw obfuscated payload. Stanford hummer.edu astron-soc.in URL.
GootKit -- RIBA Building Contract PDF UK Target, shinezv.su hex.su str.su .SU C2 Domains | High
GootKit 143KB Riba domestic building contract UK architecture lure. shinezv.su hex.su hxa.su mode.su str.su value.su six .su C2 domains.