General

  • Target

    1764-57-0x0000000074CD0000-0x0000000074F7B000-memory.dmp

  • Size

    2.7MB

  • MD5

    c545397e529b2587deae5d57e77dfb02

  • SHA1

    80f92f7c120058d976866787eb9dcba2c9c1f5db

  • SHA256

    f289ad1941c8ac398a54f60fa8e5f50df9b774b245101815e505fb8dac7d6ccb

  • SHA512

    dcfd4b2887719e2293646250e72f944b289d324246047def8c215edeea66c82f52840e02f008d17b455af05aeb54acc3cc9627b73d308661647162749c8f5d74

Score
10/10

Malware Config

Extracted

  • Family

    gozi_ifsb

  • Botnet

    7613

  • C2

    interlines.top

    interlines.space

    linkspremium.ru

    premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 1764-57-0x0000000074CD0000-0x0000000074F7B000-memory.dmp
    .dll windows x86

