gozi | 776-187-0x0000000008E10000-0x0000000008EB3000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

776-187-0x0000000008E10000-0x0000000008EB3000-memory.dmp
Size

652KB
MD5

2d29bb94c07d4ae376ef866f483cf395
SHA1

e3f40fc35affc6f63bd5539fc28b710c1d35bbfe
SHA256

1ce2909975e5eddf9c1747ccc5ca7ee712cd18e14774c29494e78ad9405c19ab
SHA512

70b300643dc0db379518eca2e057ba98efc2eb17387e646465fba56869beaf835ede1f1dd962c6fd7dc673634b2705d32ee596d846c256459bd50eaf460a8980
SSDEEP

12288:5W0mf5CHTz2V5463qgkaET1CLdvGP22fSJinCj3BKkmR3mZ/9UuhmTaLy8jw:5WFf5CH2z463qggQGPVEw+KkmR3m99he

Score

10^/10

isfb 2100 gozi

Malware Config

Extracted

Family

gozi

Botnet

2100

C2

diwdjndsfnj.ru

iwqdndomdn.su

mnvxcjieifad.su

jdsncjxjujdww.ru

Attributes

base_path
/uploaded/
exe_type
worker
extension
.pct
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

776-187-0x0000000008E10000-0x0000000008EB3000-memory.dmp

© 2018-2025

Terms | Privacy