Overview

overview

10

Static

static

10

4304-134-0...ry.dll

windows7-x64

3

4304-134-0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4304-134-0x0000000004900000-0x000000000490D000-memory.dmp

  • Size

    52KB

  • MD5

    66bb206be76c293e5312ee3259b191d4

  • SHA1

    774ad3f55be6d68c7c2e85ad9b5c72d89392c1d9

  • SHA256

    2f7c6965dcf1d705a79db70e28331c797654931c95830500cdc86006e5b2d6dd

  • SHA512

    399d61e6c7ad355b7c98fb3629fbf29e7f500cfe6bd15be6f467502430a0f75f5362b8b54ecce584479f77a3d0f6797f5e11c83522439cd24c723395c13535b8

  • SSDEEP

    768:6wgtGql3m+2XW/442NtNwHHVCQ0eUw9nagGy411vdMFhK3D1Gc0d:6RwqUW/4vN/K1CQBGy41pdMyD1Gc0d

Score
10/10
isfb7716gozi

Malware Config

Extracted

Family

gozi

Botnet

7716

C2

checklist.skype.com

193.233.175.115

185.68.93.20

62.173.140.250

46.8.210.133
Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 4304-134-0x0000000004900000-0x000000000490D000-memory.dmp
    .dll windows x86


    Headers

    Sections