Extracted

• • Target

    4d22640d9cbdc1052d109f6442feabf8

  • Size

    9.6MB

  • MD5

    4d22640d9cbdc1052d109f6442feabf8

  • SHA1

    6e4be4d380dfa2f043f09505971ebe5a7773051c

  • SHA256

    45bbc1888cb27463adf280d312fc932fa784877f4592a8b81517ca431a00ccca

  • SHA512

    3107453c6b7f61355a851373d4351d799d046cb3c9014b6e0a16e00cec4f5235152c88574a49cd9b54e047c01a2580e9e96871e33df46bb622dcdae278075788

  • SSDEEP

    196608:67B4Ngl/iBBB1hm1Wgl/iBZMkgl/iBBB1hm1Wgl/iBP:IB42i3vmI2iZR2i3vmI2iP

  Score

  10^/10

  upxgozibankerisfbtrojan

  • Gozi

    Gozi is a well-known and widely distributed banking trojan.

    bankertrojangozi

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2