gozi | 1128-159-0x0000021FCCB40000-0x0000021FCCB7D000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

1128-159-0x0000021FCCB40000-0x0000021FCCB7D000-memory.dmp
Size

244KB
MD5

d33bfcd275daed906e047f91bf3f0443
SHA1

d7904e0bc812610ce7f37b4d2541772b07c79df7
SHA256

15c600269d64ebe5281f7ce4f748f831260d7dd47bc1971c6cd93c9df7f04db8
SHA512

d1428c583f4f4aadce6c30dee3a814c8849ba73e649b675bb7a33b096117be32998c18a93254a44c58db066070169c41060afc6345cb811f50ad3ecc33ff0af0
SSDEEP

3072:9AkjjKzIEuQ5tKuQOs64E5i7BNSM23Yjn6PMDx/xDK4T0kC75jcj+aGOeOlpv2B1:9AFuPuQxiir23Yj6PMDx/xDKB5NfB

Score

10^/10

isfb 7638 gozi

Malware Config

Extracted

Family

gozi

Botnet

7638

C2

185.31.160.229

31.41.44.60

31.41.46.132

185.31.162.9

62.173.147.113

Attributes

base_path
/images/
exe_type
worker
extension
.jlk
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

1128-159-0x0000021FCCB40000-0x0000021FCCB7D000-memory.dmp

© 2018-2025

Terms | Privacy