Overview

overview

10

Static

static

10

5036-143-0...ry.dll

windows7-x64

3

5036-143-0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    5036-143-0x00000000004D0000-0x0000000000565000-memory.dmp

  • Size

    596KB

  • MD5

    af7e753c54d8ce281eae8d73fc192359

  • SHA1

    66c9e46513f54dae395585c9122796ec3271f004

  • SHA256

    e83a5b2de6c7458c631b523d5ba8f4815d75fea795c1afaa6fca6c0dcaf1448a

  • SHA512

    57035a18527915599dbb553052c38e05427240517b1eff59d2bf2cfcdac850c92c3c52676d0e88d10b02a3d02b7e151cc62a6b3ad1cda10bd2bdaa9d7126fe9c

  • SSDEEP

    768:L2VbNiErdPMj+vQywyV34OB9bl5n+iRjn9P1avZa9Bmr1h097mI5:2bNiAC3jyt5+0zavZangX097m

Score
10/10
isfb22500gozi

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

22500

C2

confisg.edge.skype.com

http://

s28bxcw.xyz

config.edgse.skype.com

http://89.43.107.7
Attributes
  • base_path

    /recycle/

  • build

    250249

  • exe_type

    loader

  • extension

    .alo

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 5036-143-0x00000000004D0000-0x0000000000565000-memory.dmp
    .dll windows x86


    Headers

    Sections