Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3332-54-0x000001D8F61F0000-0x000001D8F622D000-memory.dmp

  • Size

    244KB

  • Sample

    231003-n5fx7scc94

  • MD5

    43c2c1d84515dd0c55738d7ca5e1771c

  • SHA1

    620d74539e25690ad7d68bcecf3705a315b7d690

  • SHA256

    b09837f10c069bb291f86de40f55feaaeb54fdc33c03ffac3cdf3c40eceae17c

  • SHA512

    5faadaccad5ce39205144bde97fb3b3f4b319775d72be32eddc29edc97b5c1fa4281a4f2e85042bd469d8789615244005f2d68de77b071e790956598528bbd55

  • SSDEEP

    3072:MXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsoXSTFCr5Icjb4B5Wtk:MX72v82Wldh1KeRFSbaWrxlsor5Y5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks