Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3260-192-0x0000000007FF0000-0x0000000008093000-memory.dmp

  • Size

    652KB

  • Sample

    240307-m2kasahf56

  • MD5

    780ee013f5bb78b0b376a7f3c8fb124c

  • SHA1

    e9dc5e78a1b9d508a99b35448950f2079759cf80

  • SHA256

    cbc94ec5e09ca75abac2a521f002913c4cba2fb3d12979edf03f6bd645962d73

  • SHA512

    87c244ce6d45c21dac3d0930da8096de2bedcc4d42777416997895827f015203546b4d37c5d7dcea9b56d4b958acbd8bf4857b02c25c1c91a1dc17c056818662

  • SSDEEP

    12288:egrRK2P8EpMPss84eT5ieb08eTz5knTo8EJvQH10SAxFshAj:RQ2PqPsspeQebleTz5kcXx+WSAx1

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

https://fazzd.bing.com/check

http://mainertin.com
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks