gozi | 3656-191-0x0000025857260000-0x000002585729C000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

3656-191-0x0000025857260000-0x000002585729C000-memory.dmp
Size

240KB
MD5

729571058dbe73377baa2e320e3987b5
SHA1

3a6376e0f7256399caa90aa98d685508bb5173b9
SHA256

dec30f1feb3d7d25ad53028fe3851ba46ff67b661b28bac1670625685a795927
SHA512

0a65d880db5bdad67c252ea192f2814e4a52313ada2b0565121a23ed8bb72acf725fa44b172058a2028124fcc04fb6b31678d6792af082f52e6c3a7e172b38e9
SSDEEP

6144:V9HEhbASTf5azHTz2V5g3B63qgkaUI5mA+1:HW0mf5CHTz2V5463qgkaUv51

Score

10^/10

isfb 2100 gozi

Malware Config

Extracted

Family

gozi

Botnet

2100

C2

diwdjndsfnj.ru

iwqdndomdn.su

mnvxcjieifad.su

jdsncjxjujdww.ru

Attributes

base_path
/uploaded/
exe_type
worker
extension
.pct
server_id
50

rsa_pubkey.plain

aes.plain

Signatures

Gozi family
gozi

Files

3656-191-0x0000025857260000-0x000002585729C000-memory.dmp

© 2018-2025

Terms | Privacy