Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2376-56-0x000000001B1C0000-0x000000001B1FD000-memory.dmp

  • Size

    244KB

  • Sample

    231003-3wc8aagb3x

  • MD5

    f1720abec463e270b4b6d95f41c14e37

  • SHA1

    c844afd9e78add5cab49ff8a3da5440dc7725b76

  • SHA256

    0131dedbeeb4179b6827474c9cb5752d7904d78a1681c5ebb9ebb3e09983019f

  • SHA512

    433813a933deb8e565874c6948b84bd0a8f5e5d6174447d2f6e9c767037120c518f771cea1cfb803d1bfdc34e76a8dcdb574729d76a30207ad7ef9de282160f3

  • SSDEEP

    3072:fXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsFXSTFCr5Icjkg95Wtk:fX72v82Wldh1KeRFSbaWrxlsFr5P5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks