General
-
Target
1744-55-0x0000000000170000-0x000000000017E000-memory.dmp
-
Size
56KB
-
MD5
051375a7632a473394f84df964586da7
-
SHA1
6ece84c728261ec656b0adc98f4e0fbf0c888dd0
-
SHA256
cc8dcf5095ea50db917cca071dd1ba742b56a45aa6ff0d4f45b2cf4fc9619d6d
-
SHA512
af840f1886151cf5b2a492baa7275f3faec5d0cb4120061b0aae92339f57c622e099df7ba7c48aaea547a48544dcc8737c91c28a07bae9eba3d55e50ad1906d1
-
SSDEEP
768:A2so1LNxxkYmMvcYyLcaT0LrqH6EHV9HmDXhVp/s6zTgMlbDlxKWAb214:Co1LNx6Ymc6zmHG9HCx/jzTtbBxKY
Score
10/10
Malware Config
Extracted
Family
gozi
Extracted
Family
gozi
Botnet
5050
C2
https://fazz.bing.com/check
http://swebbers.com
Attributes
-
base_path
/jerry/
-
build
250257
-
exe_type
loader
-
extension
.bob
-
server_id
50
rsa_pubkey.plain
aes.plain
Signatures
-
Gozi family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1744-55-0x0000000000170000-0x000000000017E000-memory.dmp
Headers
Sections