General

  • Target

    1824-56-0x0000000000400000-0x0000000000462000-memory.dmp

  • Size

    392KB

  • MD5

    307a57c4a6b658fc2cbaa7157af775f4

  • SHA1

    7ba843169402d4672e697e7552288d541715a50a

  • SHA256

    688a28ef8c7fbdc64e8d020882b64873016fbbbbf63fc3569e1d3b5b80731028

  • SHA512

    ca9fb7c8167c6e482726853952478a380147d1615b0a4212a0c7ea807480168358b115e2da9f7dc282130b8aabaf91dd134d4e5b9a1462c210c60f5f3bbaa644

  • SSDEEP

    6144:XfIbSKQGiTK6AOQXMwYIK3IV7l0doNn2ay964atVFtr57:PkSKATXHQX9YIK3y6d8n7y9+75

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

11111

C2

trackingg-protectioon.cdn1.mozilla.net

194.76.225.168

194.76.224.242

Attributes
  • base_path

    /fonts/

  • build

    250240

  • exe_type

    loader

  • extension

    .bak

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 1824-56-0x0000000000400000-0x0000000000462000-memory.dmp
    .exe windows x86
