gozi | 3152-183-0x00000000082E0000-0x0000000008383000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

3152-183-0x00000000082E0000-0x0000000008383000-memory.dmp
Size

652KB
MD5

6b4635f46323778c12d5a2cbf71eb5ff
SHA1

e608ab88540c646b52016e3cbf67656703ed62ed
SHA256

6a7905bac24fe37b798914f8d4411ebbe05d369e276cbaa2f9fecdd7ebcdfe34
SHA512

7241acfe47a5d2573d40d182edce43bcdf4b3400de03d92bf8db3792d3453fe8578a8ff6c9eb9261e6ddbf53335dfc5d8c3ab953cb38127f5a73079816dcee4b
SSDEEP

12288:TgrRK2P8EpMPss84eT5vp47DvZmlh19y12bdxE0oRbA/atzkEXOPGTx1Vw/bPMb:cQ2PqPsspeVpwDvZm//gr0IOatzkE4KT

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

https://fazzd.bing.com/check

dretils.com

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

3152-183-0x00000000082E0000-0x0000000008383000-memory.dmp

© 2018-2025

Terms | Privacy