General
Target: 4328-55-0x000001A1B9ED0000-0x000001A1B9F0D000-memory.dmp
Size: 244KB
Sample: 231020-recdwacc5v
MD5: 3b48cf9b9207441549560d54554b7a5d
SHA1: e914bb1460cd5639e05d48b4991988052f1b1041
SHA256: 1bf0965904d91a7b009aca995bf3d13ad83fc6bde7620e2ed629b27e56eb36b4
SHA512: 4cc38885066d3c6b49a93196e5b15d0063956c3724aff012dd6dfeb73834b762e560f42521c3ce1a4f7a23b2ab0b3a7dccfdba6abacc8788230cc465381a796c
SSDEEP: 3072:tXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsh8XSTFCr5IcjPtmT5WU:tX72v82Wldh1KeRFSbaWrxlsh8r5K5G
Malware Config
Extracted
Family: gozi
Botnet: 5050
C2: fotexion.com
Attributes
base_path: /pictures/
exe_type: worker
extension: .bob
server_id: 50
rsa_pubkey.plain
aes.plain