General

  • Target

    b6a280402306113a58f60258f599cc3f

  • Size

    2.7MB

  • MD5

    b6a280402306113a58f60258f599cc3f

  • SHA1

    34fb22f76bed83bc958906242286a4bc3211aa63

  • SHA256

    866306d51d709f7b20d2dedf93333dbd5240cbf0d5e41f439044b378b6d88c78

  • SHA512

    b14d6740ac089429f0d5eae1b325703b28e338a5f4e00b7851bddbc6e5a0e1f1231d42ba393fad209eec0f7d13940bbbf709389d1de5813be7d23b3bf5577529

  • SSDEEP

    49152:n7z4h58znORWEw0f6IZdwcUR9WfYCgebxparmLuiYo8uM2hMwcBzR9j:/478zODw0bhUHWfY2bmrOuiYoDDBYzHj

Score
10/10

Malware Config

Extracted

Family

gozi

Signatures

  • Gozi family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • b6a280402306113a58f60258f599cc3f
    .exe windows:4 windows x86 arch:x86

