Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4984-13-0x0000000000E40000-0x0000000000EE4000-memory.dmp

  • Size

    656KB

  • Sample

    231020-szns3scg7y

  • MD5

    2920fe693d2a0634820826a99ae15521

  • SHA1

    19e75c0eed890935b2424fa7fcc07e15921dc5c7

  • SHA256

    ebf0721e077b4ffe2f4eaac06da438da4d3fdb1dbf20a072c2ff5cbc5516f626

  • SHA512

    5ee17bce0b7b7a8001ecbecdd4e44881afa2532d15ef6d2cd580bd67f0b0b56efae1dc6881644efce517dff84d8da7bf684b8ec1fcd6ce0705b6a0aaac3157a2

  • SSDEEP

    12288:fL2v8znYSSeWr44pwvqH88OID2aKvzDTsBk4qFuZul:fLW8LYSSpnpE488B2aKbE49

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

fotexion.com

Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks