Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2304-46-0x00000203EC950000-0x00000203EC98D000-memory.dmp

  • Size

    244KB

  • Sample

    231004-bxdrnagd9z

  • MD5

    ea7def98d4f37ccf69e6bd2970b3794e

  • SHA1

    a87fe7b57b9382cbfba8a3884aca8e74076abd50

  • SHA256

    9c198452f849cf1a1723123fe9fe62962a606b0ee775c874a9534855d7a013dd

  • SHA512

    3bccfad95b7e26e7ed18cbbb997dc66518afd4b90098dbb1d6111433401f8f4a84716dbddb88c68640292df3dac791b317b2652c1acbad81e59fbf8e7fb54506

  • SSDEEP

    6144:eX72v82Wldh1KeRFSbaWrxlsp09r5a6h5G:eL2v8znYSSeWr4C

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks