General

  • Target

    1724-56-0x0000000000400000-0x0000000000475000-memory.dmp

  • Size

    468KB

  • MD5

    e9f0246d1e08b5a9f8c07130dd004394

  • SHA1

    65b0d193995c76622cbbfd8d56eaacdf43e4ffc7

  • SHA256

    8700616aa517bc038e37260ab27511172a383d9cf466d4956e84bb82a42bec11

  • SHA512

    075048452e71d2022b500c91e8d4c25bc6ccc5f6ba5dc9581cf98e21ee8b883d376dcc86f768a9a78c713141488176eec9c72960387a9c082714155b8016ebd6

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 1724-56-0x0000000000400000-0x0000000000475000-memory.dmp
    .exe windows x86

