GootKit

GootKit GootLoader. RIBA UK construction SEO poisoning. JS obfuscation. Stanford dead drop.

Threat Profile
Type: Backdoor
Programming Language: C++
C2 Protocol: HTTPS .su
First Seen: 2010
Targets: Global/UK
Purpose / Capabilities
  • Banking/Web Inject

C2 Servers 1

Address Port Protocol Status
shinezv.su 443 HTTPS INACTIVE

⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.

Research Reports (2)

Critical

GootKit2 -- Riba_domestic_building_contract UK Construction Sector SEO Lure, answerw Obfuscated JS Payload, Stanford Stanford + astron-soc.in | Critical

GootKit2 144KB JS file. Riba_domestic_building_contract_free UK construction sector SEO poisoning. answerw obfuscated payload. Stanford hummer.edu astron-soc.in URL.

High

GootKit -- RIBA Building Contract PDF UK Target, shinezv.su hex.su str.su .SU C2 Domains | High

GootKit 143KB Riba domestic building contract UK architecture lure. shinezv.su hex.su hxa.su mode.su str.su value.su: six .su C2 domains.
