gozi | 2732-4-0x00000000000F0000-0x00000000000FF000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

2732-4-0x00000000000F0000-0x00000000000FF000-memory.dmp
Size

60KB
MD5

36e683339e1fa032e80a5153bac7732a
SHA1

7aef4ba4b4a5e97a51c4b7af7726eb7a1eb902a2
SHA256

bc717d9d52ae73965ed05a7756bc38dc05edeac1b404d73d206223ecb572acbf
SHA512

3e66bf7672c08db6c357835adb32d0d760321db3d7aa1100e2013cff6f5f6433172fa9226b9812ee28008cf44403352f6f7b65761f1bb55e8c5b30d7ae902a50
SSDEEP

1536:ClwIqlalXyohpqMadlQc1wIW7x/3DO1vV1Nkd:iwIqlalzhpqMadlna/zMvlk

Score

10^/10

isfb 4780 gozi

Malware Config

Extracted

Family

gozi

Botnet

4780

C2

microsoft.com

avast.com

Attributes

build
214084
dga_base_url
constitution.org/usdeclar.txt
dga_crc
0x4eb7d2ca
dga_season
10
dga_tlds
com

ru

org
exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Signatures

Gozi family
gozi

Files

2732-4-0x00000000000F0000-0x00000000000FF000-memory.dmp

© 2018-2025

Terms | Privacy