gozi | 4392-63-0x0000024A4DCE0000-0x0000024A4DD1D000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

4392-63-0x0000024A4DCE0000-0x0000024A4DD1D000-memory.dmp
Size

244KB
MD5

e3482461de70573a8d4af19bc2cdbd36
SHA1

3f46f81962a66623468965660a7f70905e7adf54
SHA256

ff1e160248724dee1c58934fd582cd12163ba7fc4c49eca4f7a18ab136291756
SHA512

5755305aed9888e027861849e89f40160655b8cbc9382dac84d2d84aa4550b765b9591ec9030763df8bc2883598a0820e990132b2c2686d77f3b3cbbcea17fde
SSDEEP

3072:ZXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlssaXSTFCr5IcjGH5Wt:ZX72v82Wldh1KeRFSbaWrxlssar5m5G

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

4392-63-0x0000024A4DCE0000-0x0000024A4DD1D000-memory.dmp

© 2018-2024

Terms | Privacy