Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4800-57-0x0000025AAA6C0000-0x0000025AAA6FD000-memory.dmp

  • Size

    244KB

  • Sample

    231005-tpkjcaed32

  • MD5

    a26e93cc9850a760709022a1e95f92a4

  • SHA1

    fa431f0b780a096839b7fb47a01a24eb9aec5684

  • SHA256

    b95de951631599b93166ed0ef17661c3d39f284ba743d3d96a0f64154eb4a40e

  • SHA512

    1fa8517ca1873ea31069e46c6b66162ab2af7100d610e9922c1de8ed2303d0c88cf36771d6478a186be752272d8f88e4a39df04a992babd72af01714af4a6500

  • SSDEEP

    3072:eXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsofXSTFCr5IcjIn5Wt:eX72v82Wldh1KeRFSbaWrxlsIr5M5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks