gozi | 1876-54-0x0000016F22EB0000-0x0000016F22EED000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

1876-54-0x0000016F22EB0000-0x0000016F22EED000-memory.dmp
Size

244KB
MD5

e1bd60359252901b3772c045fb89ea14
SHA1

c0c4c951c04a43ec3e4eaf9f0dd25f1b260d63f7
SHA256

9845fa4eee2194c8a8152e722a225d09d945afb3eeac9cec5f6fcf789f8f0cf8
SHA512

6522e7cbe1e4fbab8d64422c0b213406b6e16594428779dd9e6bdf0fbe69664b46c8ac5b5f24e56b73f977c90ea4ca95b3b5d06f70ea6eb8bddfbec981fe0199
SSDEEP

3072:DXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsfLXSTFCr5Icj2mtDrvU:DX72v82Wldh1KeRFSbaWrxlszr5n45G

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

1876-54-0x0000016F22EB0000-0x0000016F22EED000-memory.dmp

© 2018-2024

Terms | Privacy