Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    828-54-0x0000019BBAFD0000-0x0000019BBB00D000-memory.dmp

  • Size

    244KB

  • Sample

    231012-qp589sbg2t

  • MD5

    054a598d948aba26460f4694891c7c15

  • SHA1

    c37bb013628d386e166af2386471c3ef8652a914

  • SHA256

    daf0053b1a986bf59b8363851632ccca67c65542c2c6ffe2f4587c550f430333

  • SHA512

    15bf25a765ba400983904ed0429dc6a060b3e459172dec5613e09db9967032212213ff3c869fc47da81aaf6c4f016f4aeb777399ce8accb4c0a5045cd6259719

  • SSDEEP

    3072:SXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlswXSTFCr5Icj2g5Wtq:SX72v82Wldh1KeRFSbaWrxlswr5B5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

fotexion.com

Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks