General

  • Target

    3636-45-0x000001FEBA7C0000-0x000001FEBA7FD000-memory.dmp

  • Size

    244KB

  • Sample

    231004-bwzbzagd9x

  • MD5

    d82a6cc18810262cfdda30a21cff8bc0

  • SHA1

    9f05b30da775c786a64b11dea486152609b7ab90

  • SHA256

    eb5f077fc01484eb8f28f9321f4e43613dcdd034dc438089e7c21ebba2873af1

  • SHA512

    04c0d2cdf208122a4ea964b2e52d5efd1d8258f34357381c7d6885bf6c92021838f1374a28b849b7f4c02b960328e44e23052efc4e5fca446eb950a691d314da

  • SSDEEP

    3072:dXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsbPXSTFCr5IcjV15Wtk:dX72v82Wldh1KeRFSbaWrxlsjr5V5G

Score
10/10

Malware Config

Extracted

  • Family

    gozi

  • Botnet

    5050

  • C2

    expirew.com

    whofos.com

    onlinepoints.online

    onlinepoints.top

Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain
