gozi | d13c483d9bf4aeadcdb4ae43bd47cf5fe9d1366a13d4b2ad7ad878d4e161f4bb | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

General

Target

1516-52-0x00000158FDD50000-0x00000158FDD8D000-memory.dmp
Size

244KB
Sample

231006-1lb65agb51
MD5

f0a6639dac0becb19b7ac015dd496e62
SHA1

416efed50adfd04cb59907aa97171456bc23fe45
SHA256

d13c483d9bf4aeadcdb4ae43bd47cf5fe9d1366a13d4b2ad7ad878d4e161f4bb
SHA512

671fa3768a66e0296f6b7969d664d84daf83c9ee3dedc33381bb7bad2a564ebd12f978de03c32debfde39bc46c8dcc9c821afe1277e4c71f9b81767d153bcd1e
SSDEEP

6144:yX72v82Wldh1KeRFSbaWrxlsvr5BS5Gl:yL2v8znYSSeWr4v

Score

10^/10

gozi 5050 isfb

Static task

static1

1 signatures

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

http://igrovdow.com

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Targets

Tasks

static1

© 2018-2024

Terms | Privacy