Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4824-62-0x000002B66DC60000-0x000002B66DC9D000-memory.dmp

  • Size

    244KB

  • Sample

    231008-rqctsach4s

  • MD5

    75f8a87327fd64d5a155d9d187a56204

  • SHA1

    09a89d1835da098ac3c43c8eb2ba3f0da2a1e667

  • SHA256

    9e74781d45152ab032ab5ed3d60519034fae70b591c0f3bb9a85a38358b2bc3b

  • SHA512

    1524547e83d00181a54412a1e459d42de66799b5c23ba5091085e5d89a2c9b397bafd9443de507ae5ce1e391b9ca6d1b325aaf7713b0a80454341f879e108998

  • SSDEEP

    3072:NXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlseXSTFCr5Icj695Wt:NX72v82Wldh1KeRFSbaWrxlser5c5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks