Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3084-62-0x0000023B60360000-0x0000023B6039D000-memory.dmp

  • Size

    244KB

  • Sample

    231003-pjh14saf2t

  • MD5

    3d7639301e680871d165bc14c30ac4da

  • SHA1

    9a3dd6596f13284fb627d7211a030d42c90f9e7d

  • SHA256

    a9f424c9b6eab2750d2115d2b8c5b501173f7aa4c62e0eddbdb96a6a91ea4e8a

  • SHA512

    ae43fa548d310af56088d97548a8a52eb228db4672f3cd8744de830234a0c21fcabee2e239e354ec29c81302002ef2005014f022988263fc088038c7d3331038

  • SSDEEP

    3072:9XmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsCXSTFCr5IcjBHmkL5W6:9X72v82Wldh1KeRFSbaWrxlsCr5t5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks