gozi | NEAS[.]ab29d46251135a9857de7e63f0d3f8eeb4a2a6af7c10835efaa61e65519ab01funknown_JC[.]unknown | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

NEAS.ab29d46251135a9857de7e63f0d3f8eeb4a2a6af7c10835efaa61e65519ab01funknown_JC.unknown
Size

244KB
MD5

00701c644cf4dbdfeecc32aecb18766a
SHA1

5ef78b62153860c734910e29763ae4bfb3660e1a
SHA256

ab29d46251135a9857de7e63f0d3f8eeb4a2a6af7c10835efaa61e65519ab01f
SHA512

f5ab7d761650f988834651543204c638586cc2c69d44d1930bbca00bba819bbe9102baacb619b26f8e06d8a72a179ddf916fc8030419208c5e509a7f44a4ee2d
SSDEEP

3072:fXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsdHXSTFCr5Icj9AK5Wtk:fX72v82Wldh1KeRFSbaWrxlsdHr5X5G

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

expirew.com

whofos.com

onlinepoints.online

onlinepoints.top

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

NEAS.ab29d46251135a9857de7e63f0d3f8eeb4a2a6af7c10835efaa61e65519ab01funknown_JC.unknown

© 2018-2024

Terms | Privacy