Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2084-65-0x000000001B630000-0x000000001B66D000-memory.dmp

  • Size

    244KB

  • Sample

    231003-s9eyxsfa54

  • MD5

    b20968fc98bef5ba81630121ea2ba53e

  • SHA1

    4c62b2445e585b727d7ed8b4a6eb6798c40eb758

  • SHA256

    cef7a0d1ee8c099b3932ffb483e3deaf58c9d8a1be1f242e000b5a3758b52b47

  • SHA512

    95abc0955b7c0134e2d022e2543fd636697e8e4498aaa8b936a07495c28572384bc1b656cfc816817215deee2ca5631f5455f8d3a92926f0c2c8faa637f52423

  • SSDEEP

    6144:0X72v82Wldh1KeRFSbaWrxlsnFr5za5G:0L2v8znYSSeWr4nF

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks