Overview

overview

10

Static

static

10

2200-151-0...ry.dll

windows7-x64

3

2200-151-0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2200-151-0x0000000000400000-0x0000000000495000-memory.dmp

  • Size

    596KB

  • MD5

    ad4a89bc844278ad2ec54f8680769973

  • SHA1

    978e13273d85e0bbf542a86732a174dfc81354e0

  • SHA256

    850b1ce96910fa7aebca6f15bae2c0faa0cddc82f1c0052c7cea3204067fbe20

  • SHA512

    69c8e5855b5e1c7b5b94ac25865751da21a33e74870431666f5de3d14fb8196cc4548283f9669b88492a97580e16ece98525fb8ef07247dc158b808c450da463

  • SSDEEP

    768:L2HRfxRHbcvpywyV34OB9bl5n+iRjn9P1avZa9Bmr1h097mI5:kRfxR7Qjyt5+0zavZangX097m

Score
10/10
isfb22500gozi

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

22500

C2

confisg.edge.skype.com

http://

s28bxcw.xyz

config.edgse.skype.com

http://89.43.107.7
Attributes
  • base_path

    /recycle/

  • build

    250249

  • exe_type

    loader

  • extension

    .alo

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 2200-151-0x0000000000400000-0x0000000000495000-memory.dmp
    .dll windows x86


    Headers

    Sections