Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1500-66-0x000000001B630000-0x000000001B66D000-memory.dmp

  • Size

    244KB

  • Sample

    231003-v5nrdaec2v

  • MD5

    248b7548c84ec965544b644376a5d12b

  • SHA1

    97dd88ad6399fe2cecd4f52978b31bae42a844e8

  • SHA256

    a0d51d44a70e38d50d69ea35c55a8fb95eeda270090e87eebc833ad405f8edc4

  • SHA512

    9566543eb9139d807677e58204ebcbe9ee6dd58555a2210f6449eaf9bc30f86fb154ecf301d05e3dc5041e21841ab6bd980a4f03d6637cbb31aaa12d1cba3808

  • SSDEEP

    6144:0X72v82Wldh1KeRFSbaWrxlsoKr55Y5G:0L2v8znYSSeWr4Z

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks