gozi | 4480-46-0x000001786B510000-0x000001786B54D000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

4480-46-0x000001786B510000-0x000001786B54D000-memory.dmp
Size

244KB
MD5

4716b9a6404684cbf476142cdc94a8bf
SHA1

f7330093fe4553f0a93b8c7f3cdb1eac25deac0f
SHA256

162c5e194bcda5e701fdc6949e7f50d0b5d0ca11cffd536404d4874c03599fd1
SHA512

4165aacfd3ccec5e21d5dd9c0e1fe3770279361dab88b270e600457597cc315c2a13ca56e62693ab6f1e028e2663bc90127bcf96302e8186bbe9aa25136a2c8a
SSDEEP

6144:xX72v82Wldh1KeRFSbaWrxlsXCS/3cHZJr51M5G:xL2v8znYSSeWr4m

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

4480-46-0x000001786B510000-0x000001786B54D000-memory.dmp

© 2018-2024

Terms | Privacy