gozi | 2580-54-0x00000148EE3B0000-0x00000148EE3ED000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

2580-54-0x00000148EE3B0000-0x00000148EE3ED000-memory.dmp
Size

244KB
MD5

dc963944084084875a3368764f560f0b
SHA1

35ad9714a486f07596f871aeeeb4b79b9758f622
SHA256

709d15311244ed0ff4ee6dcac8e98636f2a91b947bb9e93b495ebc9491a50764
SHA512

90dd60795f846874326d919b47cb70635ecf963782d7c4dcb5f8589e61399e851377d48b98e05bb2af75c6323bc7c804a50ea7c47da5ae7c350fc7843dfdc4ac
SSDEEP

6144:xX72v82Wldh1KeRFSbaWrxlsm7r5C5Gl:xL2v8znYSSeWr4A

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

http://igrovdow.com

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

2580-54-0x00000148EE3B0000-0x00000148EE3ED000-memory.dmp

© 2018-2025

Terms | Privacy