gozi | 1476-185-0x0000023428360000-0x000002342839C000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

1476-185-0x0000023428360000-0x000002342839C000-memory.dmp
Size

240KB
MD5

2f247b06b53fa80f47b6786204894f6d
SHA1

255defe88af4476a528403dd029a8853bb99b009
SHA256

4b614b24113082687be755b778e8206fa6a654dda8be037e4ac7b143a295b84f
SHA512

f666801f0e9b7e897039994d2ca132d2ce2970fbaa4a3015dc582ee8ed0e043cfa8fbc2b0bc8b770d6ff4b0e5dbb8d98f85164c4839f6fe09b1b2eff10795208
SSDEEP

3072:zCvEARXp0fequ8t6p9239KU1bzEZR3Bv4x843OixBm5lgGAWC759cjeqlNbD:zCvrRKfeP8EpMP1MX3Sx84eT5lG5z

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

twinean.com

Attributes

base_path
/jerry/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

1476-185-0x0000023428360000-0x000002342839C000-memory.dmp

© 2018-2025

Terms | Privacy