General
Target: 2280-59-0x0000000002960000-0x000000000299D000-memory.dmp
Size: 244KB
MD5: 8c1da73e20024fa53665c0919ce09be7
SHA1: 986b6da3ac48f1728eda49dd7623e6422db1cd5f
SHA256: 770b17b90d3ed37c820cd2f676b23a9b6bd4683ec892010d846bd8e872dd4ede
SHA512: d742eff1febd4af7743c408c545b2df17eed957ddaffe7ee909e8aa639976904e6fa7079d64367ef535f5920926aac533e9d954a0309dd074989515a13430735
SSDEEP: 6144:iX72v82Wldh1KeRFSbaWrxlstr5QSK5G:iL2v8znYSSeWr4t
Malware Config
Extracted
Family: gozi
Botnet: 5050
C2:
expirew.com
whofos.com
onlinepoints.online
onlinepoints.top
Attributes
base_path: /pictures/
exe_type: worker
extension: .bob
server_id: 50
rsa_pubkey.plain
aes.plain
Signatures
Gozi family
Files
2280-59-0x0000000002960000-0x000000000299D000-memory.dmp