Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4392-63-0x0000024A4DCE0000-0x0000024A4DD1D000-memory.dmp

  • Size

    244KB

  • Sample

    231008-2bbchsag42

  • MD5

    e3482461de70573a8d4af19bc2cdbd36

  • SHA1

    3f46f81962a66623468965660a7f70905e7adf54

  • SHA256

    ff1e160248724dee1c58934fd582cd12163ba7fc4c49eca4f7a18ab136291756

  • SHA512

    5755305aed9888e027861849e89f40160655b8cbc9382dac84d2d84aa4550b765b9591ec9030763df8bc2883598a0820e990132b2c2686d77f3b3cbbcea17fde

  • SSDEEP

    3072:ZXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlssaXSTFCr5IcjGH5Wt:ZX72v82Wldh1KeRFSbaWrxlssar5m5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks