gozi | 3124-55-0x000001F3F2640000-0x000001F3F267D000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

3124-55-0x000001F3F2640000-0x000001F3F267D000-memory.dmp
Size

244KB
MD5

c704bd8267f12b16f619bd1d79a651e5
SHA1

ced5968d64b1754f01cbcd56ee38bea2128a6bc5
SHA256

4f1cca9f21c0e8fb3d6735238b48d2703ff7b5676fbf9c650f5ab042df5090fd
SHA512

6e5273469cc4a6d5e866c03b729c8deb175168ead6d11d692d3ab047bcc564dbd6dca6f926b7570ced5a271db458095b30b6f12941d55c26e412b14b80a86fc0
SSDEEP

3072:kXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsUtXSTFCr5Icjl635Wtk:kX72v82Wldh1KeRFSbaWrxls0r5W35G

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

3124-55-0x000001F3F2640000-0x000001F3F267D000-memory.dmp

© 2018-2024

Terms | Privacy