Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2288-67-0x0000000002620000-0x000000000265D000-memory.dmp

  • Size

    244KB

  • Sample

    231003-n54n9scd23

  • MD5

    b3b1cb5711e8fc19c86307529d85f883

  • SHA1

    a5cf08ae57b13ff7e75a19c1d4f221e45843a694

  • SHA256

    40671b9977a5ee3e122c1424dd49163a2fb872d1eae42e3beba6b9eb50ef9d77

  • SHA512

    555e7f0b3964f12de1244dc615baf8466e3d6fc42c4c87e6774dad2ea90e358b1b7f56092b0b91457d2fcdbdf43ac4790dfe03477c8d04694c2eba8ea7325859

  • SSDEEP

    6144:+X72v82Wldh1KeRFSbaWrxlsfr57A/5G:+L2v8znYSSeWr4f

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks