General
-
Target
1576-98-0x00000000001D0000-0x00000000001E3000-memory.dmp
-
Size
76KB
-
MD5
5172443ffb1f8eea207595df2ec588c2
-
SHA1
07e2ea1d03492820d85109b7e7ba8c0059fc79df
-
SHA256
5d1b0d8d1e5b730373c39479269a512f29cfc564d15dd7be5ed0005d0f51366f
-
SHA512
a24a120871486cad3be4c04e9ccc2086647d59e9278f3b9d560c2d09879d655b46b9996492341f3141cf2b96bb3ac165932de5933284e9dc3a95badc54ed8fac
-
SSDEEP
768:UGysYcthPbMLsPwFuY2RrQI6jRdB53st+1GJ0V0ezPQdDVJb0OTrd4fJDVLOPEBK:UyFML+2YIf5YdDn/qGU1jDipO
Score
10/10
Malware Config
Extracted
Family
gozi
Botnet
1000
C2
https://sumarno.top
Attributes
-
host_keep_time
2
-
host_shift_time
1
-
idle_time
1
-
request_time
10
aes.plain
Signatures
-
Gozi family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1576-98-0x00000000001D0000-0x00000000001E3000-memory.dmp
Headers
Sections