gozi | 852-62-0x00000000029D0000-0x0000000002A0D000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

852-62-0x00000000029D0000-0x0000000002A0D000-memory.dmp
Size

244KB
MD5

8ca2d97ffe4088c6ec2b0c4dc376e8a2
SHA1

7393d3131265d9e2dde7710e18c970fd6ecb20ec
SHA256

5e13fd7156d21500bd08178a415082d6de7e6b4dda16ac736d93144a008cbd72
SHA512

edb3236a8abb88830694b55237fe709ea8ff1a4196173209cc5c4efd924874df1ba9bd00a255b65bac550a0bd27fe8b53bdd57e830de2d6a9bf43981d232a1c2
SSDEEP

3072:rXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsSnKXSTFCr5IcjY3I5Wt:rX72v82Wldh1KeRFSbaWrxlstr58I5G

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

852-62-0x00000000029D0000-0x0000000002A0D000-memory.dmp

© 2018-2024

Terms | Privacy