Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2912-59-0x000000001B650000-0x000000001B68D000-memory.dmp

  • Size

    244KB

  • Sample

    231003-v5m5vagb54

  • MD5

    5775e8c649873269f21770e515fdf746

  • SHA1

    30a4bd0b7007d548b0315313c628877ca899a26b

  • SHA256

    ad3034940320a54ed982ecbebb018921ece9d80bc70593969115e9463323b703

  • SHA512

    adf42e40e5ac6cb9b66a122338e8af36983979bcfd83288b8a8bb089993893a4546059c95a9f188c772e252db47ba33ba1009a16d0c51678377a73201e797e93

  • SSDEEP

    3072:mXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsnXSTFCr5Icj4J5Wtk:mX72v82Wldh1KeRFSbaWrxlsnr5y5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks