gozi | 2316-0-0x0000000001450000-0x000000000145F000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

2316-0-0x0000000001450000-0x000000000145F000-memory.dmp
Size

60KB
MD5

bb88891ab9b205ccd11d700d7ea1167f
SHA1

b4b7c53fe1bb75a251450c6720e0ea9434fe7581
SHA256

78afd0b31419d59188acda39c55777a0d782345418dbcc6f5f94b89d8dc274e2
SHA512

ba8ce0c5ad614978862d19f688c9d3006bfa95974e1850e79e1ecb814feb26bfc8f10bb9857c44d8103db2346f00e1cdf39267585ac5a2aaab8aafe2328497d8
SSDEEP

1536:CcE+HqlalXBo2GOvdh6Qc1FCsW4D/D89cjOZXNkd:TE+HqlalG25vdh6nZ/Fg9k

Score

10^/10

isfb 4780 gozi

Malware Config

Extracted

Family

gozi

Botnet

4780

C2

microsoft.com

avast.com

Attributes

build
214084
dga_base_url
constitution.org/usdeclar.txt
dga_crc
0x4eb7d2ca
dga_season
10
dga_tlds
com

ru

org
exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Signatures

Gozi family
gozi

Files

2316-0-0x0000000001450000-0x000000000145F000-memory.dmp

© 2018-2025

Terms | Privacy