General

  • Target

    2116-56-0x00000239A3B20000-0x00000239A3B5D000-memory.dmp

  • Size

    244KB

  • Sample

    231005-tn3zascd7v

  • MD5

    c44628116c766be894c922fa6fb85170

  • SHA1

    f18885a9b0efc23b9f936f74b76d986322eb2004

  • SHA256

    9f643758ca74a89592fe016215002c53bdce11e5e8879df08399340d1947b0ca

  • SHA512

    67c99a81da30306c61d86a4a33c10309cb99cd4504671ae350ff5e3c817e46d6d6861b9e3e5b2081cd3bc49aae41c670e701d5dd9b5b77e9719ab0562b26539b

  • SSDEEP

    3072:gXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsrXSTFCr5IcjC85Wt:gX72v82Wldh1KeRFSbaWrxlsrr5h5G

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top

Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain
