PowerPoint Presentation
Show in Graph
Image Description
Common Information
Type Value
UUID 93d98354-cfb6-41b1-a6ef-1c2d77fb9c1a
Fingerprint cdb4abdffcca6a7f82029d3c3c8bcb28f6fe5513fce87270fffa8d7dd8487573
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 15, 2022, 6:18 p.m.
Added to db Feb. 7, 2024, 7 p.m.
Last updated Aug. 31, 2024, 2:08 a.m.
Headline PowerPoint Presentation
Title PowerPoint Presentation
Detected Hints/Tags/Attributes 54/2/28
Source URLs
Redirection Url
Details Source https://www.hivepro.com/wp-content/uploads/2022/12/A-New-GoLang-Botnet-named-GoTrim-BruteForcing-multiple-CMS_TA2022299.pdf
URL Provider
Details Provider Source level domain
Details hivepro.com www.hivepro.com
Attributes
Details Type #Events CTI Value
Details Domain 144 
www.fortinet.com
Details Domain 78 
securityaffairs.co
Details Domain 435 
www.hivepro.com
Details File 1 
gotrim-botnet-wordpress.html
Details IPv4 2 
77.73.133.99
Details IPv4 2 
89.208.107.12
Details MITRE ATT&CK Techniques 17 
T1584.005
Details MITRE ATT&CK Techniques 219 
T1113
Details MITRE ATT&CK Techniques 627 
T1027
Details MITRE ATT&CK Techniques 208 
T1068
Details MITRE ATT&CK Techniques 695 
T1059
Details MITRE ATT&CK Techniques 157 
T1560
Details MITRE ATT&CK Techniques 116 
T1134
Details MITRE ATT&CK Techniques 149 
T1102
Details MITRE ATT&CK Techniques 125 
T1110
Details Url 1 
https://www.fortinet.com/blog/threat-research/gotrim-go-based-botnet-actively-brute-
Details Url 1 
https://securityaffairs.co/wordpress/139647/malware/gotrim-botnet-wordpress.html
Details Url 2 
http://77.73.133.99/taka
Details Url 2 
http://77.73.133.99/trester
Details Url 2 
http://77.73.133.99/pause
Details Url 1 
http://77.73.133.99
Details Url 2 
http://77.73.133.99/selects?dram=1
Details Url 2 
http://77.73.133.99/selects?bilert=1
Details Url 2 
http://77.73.133.99/route?index=1
Details Url 2 
http://77.73.133.99/route?alert=1
Details Url 2 
http://89.208.107.12
Details Url 2 
http://89.208.107.12/selects?param=1
Details Url 2 
http://89.208.107.12/selects?walert=1