Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2584-55-0x000000001B650000-0x000000001B68D000-memory.dmp

  • Size

    244KB

  • Sample

    231006-n7b22aba41

  • MD5

    da1a90c21d882e5ebbbad67a3c8373d8

  • SHA1

    919cfd0c4a2ddb9ef6745bb7bc6a64aafef0aed0

  • SHA256

    8f048ac0f8b3f98eec5d7fdd5741ac7ae56c9095bcfe07ea38262cd5691389e8

  • SHA512

    7d022c592138ed305ea0b7fb34a318dcf1dfd7a7b2448ceb24e5c14214cc66bc67104296ab0b8982b596780c2aae93e549de9db3cce1bf26e20237673400f8d4

  • SSDEEP

    3072:YXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsXXSTFCr5IcjFy5Wt:YX72v82Wldh1KeRFSbaWrxlsXr5i5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks