gozi | 2020-161-0x00000000075E0000-0x0000000007682000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

2020-161-0x00000000075E0000-0x0000000007682000-memory.dmp
Size

648KB
MD5

0ad68656b13f35eee3c6995e4b2764bb
SHA1

ed812e4a2157ed9c2de148f0a71b72cc5d4bcdc6
SHA256

866118f5474d14dfb36830d992aa4ffc994c23233736632ef8234b973db26c67
SHA512

3ec92e872ad01b272168bf74f79b662a3fe686da5ed6ab494300ccb47af26f42ea91c95fb92735af044d451be83b1fd17bed085558cac758782c08e2154154c7
SSDEEP

12288:Vbpy9XP+0ZX7XGXgSjHql5YMsqxVl3pZ/lht9Ta:Vbpy9P+0ZXGhaRsqxVxtA

Score

10^/10

isfb 7639 gozi

Malware Config

Extracted

Family

gozi

Botnet

7639

C2

185.31.162.9

31.41.46.120

31.41.44.71

62.173.147.138

31.41.44.79

62.173.147.142

62.173.147.64

Attributes

base_path
/drew/
exe_type
worker
extension
.jlk
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

2020-161-0x00000000075E0000-0x0000000007682000-memory.dmp

© 2018-2025

Terms | Privacy