gozi | 3184-177-0x00000000090F0000-0x0000000009193000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Static task

static1

1 signatures

General

Target

3184-177-0x00000000090F0000-0x0000000009193000-memory.dmp
Size

652KB
MD5

336fd24f22618ff590f41a87844931bf
SHA1

94736a14968953781fa4117cc69427d0c10d40d4
SHA256

7a272bd23a4a0cd7edf6a0ce126d0d4a67333ca3843bff888875905c44be76e1
SHA512

c24fdcfa00afe7447649ed0b49d7a0d08cc6b6caa4c08b3da4760d5a230acb4b2cd010b7789562e9c1c684f6da18998b74faea4620e260aac0ee43749bd50257
SSDEEP

12288:RW0mf5CHTz2V5463qgkaZS1LvF77EKFLkcKJzVg4CjPCf:RWFf5CH2z463qglEvEKicKJpajA

Score

10^/10

isfb 5050 gozi

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

https://avas1t.de/in/loginq/

31.172.83.49

109.105.198.129

delideta.com

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

3184-177-0x00000000090F0000-0x0000000009193000-memory.dmp

© 2018-2024

Terms | Privacy