Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4976-46-0x000001E13E2E0000-0x000001E13E31D000-memory.dmp

  • Size

    244KB

  • Sample

    231008-3j7alagf71

  • MD5

    964cc34818e70b94c51c02055786003d

  • SHA1

    e6d83c3689f14f0b9bee4fe439fbda57e9f74139

  • SHA256

    302693fe3b3ae110879934e99b15bbc3695dc7d06cbfc49c91b095aa7bc2ce32

  • SHA512

    36c674d47d5098e8e1a51bc61a8e7455383e22ac951d197326f209f7d2765bb0f4ba376635e262198d75a6568f49212b8c87a8667bd643346fed1b4f39444156

  • SSDEEP

    3072:uXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsl6VXSTFCr5Icjvp5Wt:uX72v82Wldh1KeRFSbaWrxlsMVr5v5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks