gozi | 3160-180-0x0000000007BB0000-0x0000000007C53000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

3160-180-0x0000000007BB0000-0x0000000007C53000-memory.dmp
Size

652KB
MD5

0f6924f84531f0566a746bcba92a51b2
SHA1

2cc9680f2627d1ca5fc2a13585384a4526a21cd0
SHA256

93fd16736b9e552bac1dd38739117fb516007a56f8714665cccac5ff347afb74
SHA512

d465cce40b578de2bfb8df8e0203d5700754ceba0213932f584a26355da751749ae08dc83794f175aa94e066f2d45ae71fb0b194b29350945e7cbf275ac4e6e2
SSDEEP

12288:BW0mf5CHTz2V5463qgka541vbTMzWM6oGv+Hlzb50BTGIIxnlbQMcaWf7:BWFf5CH2z463qgtUbTM9HlP5KTGII3bW

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

https://avas1t.de/in/loginq/

weseens.com

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

3160-180-0x0000000007BB0000-0x0000000007C53000-memory.dmp

© 2018-2025

Terms | Privacy