General
-
Target
1284-58-0x00000000001C0000-0x000000000023E000-memory.dmp
-
Size
504KB
-
MD5
98829bdfa538fa1e79b5daa936291923
-
SHA1
c2cd0a5483951fb6aef10d1846fb8894a1f39c43
-
SHA256
f3db1ec50178ec2cfff7bbc7e2d9c5695502e313f7bcacb754b7358df4a954f3
-
SHA512
537abc90f7f9059f7bc2dce961dbd95c602f7355f5aab81e112fd17465104aea5e514b270fdd5ff02daf9f4be12db31b3986426b0cadb32e0e9d6c6038fac82b
-
SSDEEP
768:72T5/vuoHEvEyryZP45lD3WH1cR/YCDxAHRNLsu24kx:c5/vuKdHZP4nmeRDmHRRsgk
Score
10/10
Malware Config
Extracted
Family
gozi
Extracted
Family
gozi
Botnet
5050
C2
config.edge.skype.com
optinetwork.top
onlynetwork.top
internetcoca.in
dendexmm.com
Attributes
-
base_path
/jerry/
-
build
250249
-
exe_type
loader
-
extension
.bob
-
server_id
50
rsa_pubkey.plain
aes.plain
Signatures
-
Gozi family
Files
-
1284-58-0x00000000001C0000-0x000000000023E000-memory.dmp
Headers
Sections