Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1476-55-0x000001DADB5E0000-0x000001DADB61D000-memory.dmp

  • Size

    244KB

  • Sample

    231020-s43sssch3x

  • MD5

    19120bd9f76c1d6c1423eb56dfdc6738

  • SHA1

    547bb3172f2ea675ab42dacc946ebc37f253738e

  • SHA256

    7211e1d345dfb42f228ecab310ff30f060459ca3e2c460c99d963de25680edad

  • SHA512

    d6e254fe9036670a3e007f5c1468fdee004551b179ec1c2cf1e2f7fd4b3c9ea45ba91f72f4f8d9b6cd13eea7693c5737fb1c252ee218a348ed8e91a07964b1e7

  • SSDEEP

    3072:XXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlszEXSTFCr5IcjUvg5Wtq:XX72v82Wldh1KeRFSbaWrxlswr5Ag5G

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

fotexion.com

Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks