General

  • Target

    1336-56-0x0000000000400000-0x0000000000475000-memory.dmp

  • Size

    468KB

  • MD5

    e4e519f783267f79c1abb1c202bb9362

  • SHA1

    37ddd04faf0ab3e697d175c7ce7cfba8d6a93120

  • SHA256

    54849fd2b4dd1f2a45daa7925277a941424cd85c3fe07d5b754e20da87e887dc

  • SHA512

    3ccc88f71f44d685184b9f865d91ca9066eda4f7dbb32fe8db0cdca753665f7820eda4f8962f20619e396f00ef662066113c5442fd8e231bd231fabd007efabd

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 1336-56-0x0000000000400000-0x0000000000475000-memory.dmp
    .exe windows x86

