Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3768-53-0x00000250C1DF0000-0x00000250C1E2D000-memory.dmp

  • Size

    244KB

  • Sample

    231003-tae1bafa75

  • MD5

    516e7a503ad7f512025fc6303864bd81

  • SHA1

    76e42307cc6d6307cf618b8ebebb689b238f7c23

  • SHA256

    0ef9c64674fcb08c2f4250432ae7a9f43ce37ba614e93137bc6a6eae14b62be2

  • SHA512

    ed1fe311681f9c62ade4d2fa0bba874a6691259a5c06eb91b0fc0f351864d902d0c81a278c489e77ea0d6b27d83cc075c7fa152f0e9b5d93ebc50476f4f58934

  • SSDEEP

    3072:YXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsIXSTFCr5IcjD05Wtk:YX72v82Wldh1KeRFSbaWrxlsIr5e5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks