General

  • Target: 1088-100-0x00000000002E0000-0x0000000000374000-memory.dmp
  • Size: 592KB
  • MD5: 90c45f76d5a402997b4fa3f4b0a819e3
  • SHA1: 90905ffbdc196cf6c818c6e5c50baf1dab4fad2f
  • SHA256: 2a99a903cb89717f75945c34cdb785c3cf5b99fa3e38c995fb556239681a119d
  • SHA512: f9b027c4e58001e77356ce7bc30195755de4ea01ee448fcb3773036683e9c38be3a3b8e59e6818068d6e1d1a99aa981162fc75adda9002c00c45a380eb04e345
  • SSDEEP: 768:i2xO/MHJN5YvtyUJQs2Jl0QbUYHwd3aQD/I64VikpA2HkcSt+y:NOkHJXsr2Jl0QbUp3LH4tpA2Ec

Score
10/10

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

50000

C2

http://confisg.edges.skype.com

http://108.61.165.145

http://37.120.222.23

http://194.76.224.234

http://176.10.111.47

Attributes
  • base_path: /grome/
  • build: 250249
  • exe_type: loader
  • extension: .chk
  • server_id: 50
  • rsa_pubkey.plain
  • aes.plain

Signatures

Files

  • 1088-100-0x00000000002E0000-0x0000000000374000-memory.dmp
    .dll windows x86

    Headers

    Sections