Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1876-54-0x0000016F22EB0000-0x0000016F22EED000-memory.dmp

  • Size

    244KB

  • Sample

    231003-q6e4eabb4w

  • MD5

    e1bd60359252901b3772c045fb89ea14

  • SHA1

    c0c4c951c04a43ec3e4eaf9f0dd25f1b260d63f7

  • SHA256

    9845fa4eee2194c8a8152e722a225d09d945afb3eeac9cec5f6fcf789f8f0cf8

  • SHA512

    6522e7cbe1e4fbab8d64422c0b213406b6e16594428779dd9e6bdf0fbe69664b46c8ac5b5f24e56b73f977c90ea4ca95b3b5d06f70ea6eb8bddfbec981fe0199

  • SSDEEP

    3072:DXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsfLXSTFCr5Icj2mtDrvU:DX72v82Wldh1KeRFSbaWrxlszr5n45G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks