gozi | 2516-56-0x0000000002B90000-0x0000000002BCD000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

2516-56-0x0000000002B90000-0x0000000002BCD000-memory.dmp
Size

244KB
MD5

f135a996554c9f9996978fa67d14c963
SHA1

6c4ef96f7ef5504bb71ac92963eb9c6ffee378ab
SHA256

59571b84c58debef2a908f6a91900e7394606c712eac31636c10dfd6c465fc43
SHA512

7738a91ffe605b69a88329f893b096503ed28f15b12b98f5552ff85faac0620356cde4331a1668bea77c878041e25641bbf4f2bcd43318616f9e7b6c92eba8f5
SSDEEP

6144:BX72v82Wldh1KeRFSbaWrxlsPr5J2q5G:BL2v8znYSSeWr4Pb

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

2516-56-0x0000000002B90000-0x0000000002BCD000-memory.dmp

© 2018-2024

Terms | Privacy