Extracted

• • Target

    4af0345135b9c15bbaa83bbb899f1aa6

  • Size

    2.9MB

  • MD5

    4af0345135b9c15bbaa83bbb899f1aa6

  • SHA1

    16979365303a22fa6f57e17f6e5d201a07d011e7

  • SHA256

    d5bf1d1238bcd9141ead1a17ad06825efe9cf24fdf7ee7c2e35e90ce45b6d065

  • SHA512

    f68bdb408f72e77d2836faddea0368cae3fb8d461eb66a6200243d5ceb90cd65d3e8bc84072286b3433985cec0539cc2c5713b1a31697de5187a7f2573c3a4b5

  • SSDEEP

    49152:C9afAFQ2AgWHek3joDBtJP0N74NH5HUyNRcUsCVOzetdZJ:CB+2uHeEolti4HBUCczzM3

  Score

  10^/10

  upxgozibankerisfbtrojan

  • Gozi

    Gozi is a well-known and widely distributed banking trojan.

    bankertrojangozi

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2