Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2552-55-0x000000001B660000-0x000000001B69D000-memory.dmp

  • Size

    244KB

  • Sample

    230930-gqsj5aaf29

  • MD5

    dac3626a77697eda158422c5e70b1f08

  • SHA1

    e9a91dfc5642b918e913851056b7970615a5feed

  • SHA256

    bc33a2eefef9a92fe3d5c9411b44d6d7e4c26e70da184c3a37ada735adc1ef91

  • SHA512

    ceb47e902a3ee6d5b1fad55c4590813317e75219121aaedae293678b90fd260a6aaaaaa6362118ff33c2eb37618c0e515f92a9f4e36b5bf136547232fc1da7df

  • SSDEEP

    3072:HXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsnXSTFCr5IcjzF5Wt:HX72v82Wldh1KeRFSbaWrxlsnr5D5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

31.41.44.79

185.248.144.203

netsecurez.com

whofoxy.com
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks