Overview

overview

10

Static

static

10

1704-62-0x...ry.dll

windows7-x64

1

1704-62-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    1704-62-0x00000000008E0000-0x00000000008EE000-memory.dmp

  • Size

    56KB

  • MD5

    03de79935fc73727cacad0603630beb9

  • SHA1

    327491d0697370e25c93e85d3c427387278c3752

  • SHA256

    42925ff6496d2715c1462e4c4778f524a5b0509ac8764a641c6dd08693b856cf

  • SHA512

    9687200c45e1d2affa5c2ec338e536f43157995fdd084f794535d56011d2775ae8b7fe811bbf505fc90adcd819e18897e9168facd4699e8a81dcafb4920d3b2a

  • SSDEEP

    768:A2j2Gw007l2vAyE5PLHBjderMpEINzrF/Yleh8uITD/GyzialzGDuM:12t00RXz5zHzeApLNzrJID/GyzpY

Score
10/10
isfb5050gozi

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

5050

C2

config.edge.skype.com

91.215.85.193
Attributes
  • base_path

    /jerry/

  • build

    250255

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 1704-62-0x00000000008E0000-0x00000000008EE000-memory.dmp
    .dll windows x86


    Headers

    Sections