gozi | 2464-54-0x000000001B240000-0x000000001B27D000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

2464-54-0x000000001B240000-0x000000001B27D000-memory.dmp
Size

244KB
MD5

49dce2c099ebe33efa6f3b18127cd91a
SHA1

750dc97c314881931989fb938c31cb0326fbfeb6
SHA256

0a7cd8db49cd7d96e5aaa19199b2022434822be5b781a45c3bcd06d62df950e0
SHA512

89a28b6050d5a4b51ef9c7622e75ce77ab4f05cc1afa4f40a47c74ea7154b5ff69aec7c336815958c6a364a0df811ad6ebf8a7a0af833a3ea7701fbbfef7b03e
SSDEEP

3072:5XmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxls3XSTFCr5IcjMNU5Wt:5X72v82Wldh1KeRFSbaWrxls3r555G

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

31.41.44.79

185.248.144.203

netsecurez.com

whofoxy.com

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

2464-54-0x000000001B240000-0x000000001B27D000-memory.dmp

© 2018-2025

Terms | Privacy