Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3184-177-0x00000000090F0000-0x0000000009193000-memory.dmp

  • Size

    652KB

  • Sample

    240313-vzxgbsag81

  • MD5

    336fd24f22618ff590f41a87844931bf

  • SHA1

    94736a14968953781fa4117cc69427d0c10d40d4

  • SHA256

    7a272bd23a4a0cd7edf6a0ce126d0d4a67333ca3843bff888875905c44be76e1

  • SHA512

    c24fdcfa00afe7447649ed0b49d7a0d08cc6b6caa4c08b3da4760d5a230acb4b2cd010b7789562e9c1c684f6da18998b74faea4620e260aac0ee43749bd50257

  • SSDEEP

    12288:RW0mf5CHTz2V5463qgkaZS1LvF77EKFLkcKJzVg4CjPCf:RWFf5CH2z463qglEvEKicKJpajA

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

https://avas1t.de/in/loginq/

31.172.83.49

109.105.198.129

delideta.com
Attributes
  • base_path

    /pictures/

  • exe_type

    worker

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    Tasks