General
-
Target
1060-54-0x0000000000030000-0x000000000003D000-memory.dmp
-
Size
52KB
-
MD5
c7c7a20a5f9235ef7742586ae74602e7
-
SHA1
ea94d005d1af17e82220db2c456a5d7ae1f237c9
-
SHA256
ee0d85cc092e42c775c174f337a3470bb070482bb5b3ef00abf714d85d0e3a33
-
SHA512
4c69811908c0413d727f3061811547ebdd84973c417953a02bc5618f44cf8382653e1cb2543743da20e0a102bc3f59f3f7b8dd52a3e069d4d3b63c75a1470747
-
SSDEEP
768:t810AE+LKbobvT34luMOY0/xvZyqFUfehkgrjVU58MgJXFlkq9k:tM0AE+LKbsc8BoqgeiejVU58MkTR9k
Score
10/10
Malware Config
Extracted
Family
gozi_ifsb
Botnet
10103
C2
trackingg-protectioon.cdn1.mozilla.net
45.8.158.104
188.127.224.114
weiqeqwns.com
wdeiqeqwns.com
weiqeqwens.com
weiqewqwns.com
iujdhsndjfks.com
Attributes
-
base_path
/uploaded/
-
build
250246
-
exe_type
loader
-
extension
.pct
-
server_id
50
rsa_pubkey.plain
aes.plain
Signatures
-
Gozi_ifsb family
Files
-
1060-54-0x0000000000030000-0x000000000003D000-memory.dmp
Headers
Sections