General

  • Target

    2280-59-0x0000000002960000-0x000000000299D000-memory.dmp

  • Size

    244KB

  • MD5

    8c1da73e20024fa53665c0919ce09be7

  • SHA1

    986b6da3ac48f1728eda49dd7623e6422db1cd5f

  • SHA256

    770b17b90d3ed37c820cd2f676b23a9b6bd4683ec892010d846bd8e872dd4ede

  • SHA512

    d742eff1febd4af7743c408c545b2df17eed957ddaffe7ee909e8aa639976904e6fa7079d64367ef535f5920926aac533e9d954a0309dd074989515a13430735

  • SSDEEP

    6144:iX72v82Wldh1KeRFSbaWrxlstr5QSK5G:iL2v8znYSSeWr4t

Score
10/10

Malware Config

Extracted

  • Family

    gozi

  • Botnet

    5050

  • C2

    expirew.com

    whofos.com

    onlinepoints.online

    onlinepoints.top

Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 2280-59-0x0000000002960000-0x000000000299D000-memory.dmp