General

  • Target

    3976-52-0x000001DAC32C0000-0x000001DAC32FD000-memory.dmp

  • Size

    244KB

  • Sample

    231006-nvmb8sah4y

  • MD5

    81803e2b776e3dc1c969c7ad68649b6d

  • SHA1

    26dd581a85424408ab4115e328ef81f40f0f6550

  • SHA256

    214e4d1b22346a1704855f4bdfc3fe30b2a2b5491ed682b7df3a2ceb12a7fdcb

  • SHA512

    db99dc59d96a95851d8123224c6faaeaffd46d003422779c5dbc4a5956889f1a8f9f0a1cbe862973331c1ac77cf95614ae9336855842ac6c175c9e95543dd319

  • SSDEEP

    6144:YX72v82Wldh1KeRFSbaWrxlsp09r5mSA5G:YL2v8znYSSeWr4C

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top

Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain
