Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4536-56-0x000001DCBBD50000-0x000001DCBBD8D000-memory.dmp

  • Size

    244KB

  • Sample

    231011-n92epsea3w

  • MD5

    4bb0002bd51f880f34448481bde39d55

  • SHA1

    58579419b75669ec28d8fa36ffdf492cafb5a958

  • SHA256

    c58f4102461ba291a466b232c4236ce19a01c86d34fdb690b9d926fe42da89df

  • SHA512

    0751d3142463a2eb0c5c092de90c8cc9393ee513eaf332293cfc4923dc3b7861684a7995d75b3d704127e44a4c05f7dc1f4d1e16af9924475dfdee453447b189

  • SSDEEP

    6144:MX72v82Wldh1KeRFSbaWrxlsXCS/3cHZJr5lZ5Gl:ML2v8znYSSeWr4m

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

http://igrovdow.com

Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks