Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2516-56-0x0000000002B90000-0x0000000002BCD000-memory.dmp

  • Size

    244KB

  • Sample

    231003-pg7xfscd95

  • MD5

    f135a996554c9f9996978fa67d14c963

  • SHA1

    6c4ef96f7ef5504bb71ac92963eb9c6ffee378ab

  • SHA256

    59571b84c58debef2a908f6a91900e7394606c712eac31636c10dfd6c465fc43

  • SHA512

    7738a91ffe605b69a88329f893b096503ed28f15b12b98f5552ff85faac0620356cde4331a1668bea77c878041e25641bbf4f2bcd43318616f9e7b6c92eba8f5

  • SSDEEP

    6144:BX72v82Wldh1KeRFSbaWrxlsPr5J2q5G:BL2v8znYSSeWr4Pb

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks