Galock
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
(Botnet) Link to the old Wiki page : [1] / Google search: [2]
| Galock | |
|---|---|
| Alias | |
| Group | Police lock |
| Parent | |
| Sibling | |
| Family | |
| Relations | Variants: Sibling of: |
| Target | |
| Origin | |
| Distribution vector | RedKit |
| UserAgent | |
| CCProtocol | |
| Activity | 2013-02 / |
| Status | |
| Language | |
| Programming language | |
| Operation/Working group | |
Introduction
2013-03-21 Files stored in %Appdata% with UID name.
- Jpeg (generated on the fly with hardcoded data) - exe
md5
4b0be767a3c3adb528220756579b1086 - 8e5a21921e2ae8853143bfe84d564232 - 5a483877c0bba2bab9c4510b2c31cd3a 2013-03 244e7918670f01901c9502b5f34a59e1 - 31b1e0ed90dfe17ec959436792c8a99c - 928574ec069404777ad22799d0c96688 2013-03
httpget
194.242.59.55 /get_image?uid=[GUID]&os=5&partner_id=11&hostname=[COMPUTERNAME]&account=[USERNAME]&language=ENU&codepage=1252 /knock?uid=[GUID]&os=5&partner_id=11&hostname=[COMPUTERNAME]&account=[USERNAME]&language=ENU&codepage=1252
Features
Associated images
Galock US 2013-03
