General

  • Target

    1904-57-0x0000000000400000-0x00000000004ED000-memory.dmp

  • Size

    948KB

  • MD5

    0255051b61d3e3cfb47c1b198daa4891

  • SHA1

    0e6ee39065829736c20224a5e9f37c6ada247ea1

  • SHA256

    5b117bf5ab073c25796be5161042fb3719864ccf4201143f5429d986794810d1

  • SHA512

    88a1bdfd2417d0d769ce11d6f0d5425772b3e057061ae2d329f0e8ed95322513de58529bb1d80c9a8760e133b50cc99ae3351e44c15b5c22941596a3596485dc

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 1904-57-0x0000000000400000-0x00000000004ED000-memory.dmp
    .exe windows x86

