gozi | a6e1a7a9d3bcefbc1293c1d62e8f86ba0824c2db203b9c69184b3e6b9114b4a5 | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

General

Target

2208-53-0x000001BD584D0000-0x000001BD5850D000-memory.dmp
Size

244KB
Sample

231007-a6fryaah22
MD5

660d07507cf846f3643d6bd4a81d917a
SHA1

3485a869805dad1f751b096e21cd043c683d0f99
SHA256

a6e1a7a9d3bcefbc1293c1d62e8f86ba0824c2db203b9c69184b3e6b9114b4a5
SHA512

f7171ac54fb3f525372c9da67d878f233c9be3b2e728c584815a84eb94d449056da0f1ad0c08ffb5c49110e8ec1e36d7704203c09f91b30e34570d3eb0827c2b
SSDEEP

6144:YX72v82Wldh1KeRFSbaWrxlsp09r5X5Gl:YL2v8znYSSeWr4C

Score

10^/10

gozi 5050 isfb

Static task

static1

1 signatures

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

http://igrovdow.com

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Targets

Tasks

static1

© 2018-2024

Terms | Privacy