gozi | 3952-56-0x000001C5E64E0000-0x000001C5E651D000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

3952-56-0x000001C5E64E0000-0x000001C5E651D000-memory.dmp
Size

244KB
MD5

1b5d37e7fc663dcc6e7288e076f02d2a
SHA1

9c12c725a8c9e9acaf9f88415e09d03de01d8b73
SHA256

6d65818ce00c8778e8fbd9fe97055f0b32bfd7da10d905f16b96df1b40677d04
SHA512

1b2b21b62ac279460da02879958924f57d057ad98d0c61da4164ef2a437c59c5605aeeb577a84e1c6f6d7eeee3c9c7f4cf9041ad242158c3f3feb1918976cf15
SSDEEP

6144:SX72v82Wldh1KeRFSbaWrxlsOr5TAz5G:SL2v8znYSSeWr4ORA

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

31.41.44.79

185.248.144.203

netsecurez.com

whofoxy.com

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

3952-56-0x000001C5E64E0000-0x000001C5E651D000-memory.dmp

© 2018-2024

Terms | Privacy