General

  • Target

    b8b391dfda10a19f7dee154c7b4396dd

  • Size

    2.7MB

  • MD5

    b8b391dfda10a19f7dee154c7b4396dd

  • SHA1

    dff59003c2a395493dcc3eecf38f74ae2aad9d93

  • SHA256

    f43876d45e2792b4e94cc6b2ec125859ec51be4a22b8578aed2e92d073ea57c2

  • SHA512

    131a231c47054dce9fe1244ee886c566bac65e945260c9b2c951b8f7547a7a732c1dbdea295cbcac8bcfaa4f1219d5a0cb03d6b3ef69b5757f45e4749ea8b155

  • SSDEEP

    49152:fYIELe0g+0KGvizMy3dVcEk+naa71XkziW1LuXHmZGs/U:DELe9+HGUMy3dqZ+nJ0/9uXGZpU

Score
10/10

Malware Config

Extracted

Family

gozi

Signatures

  • Gozi family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • b8b391dfda10a19f7dee154c7b4396dd
    .exe windows:4 windows x86 arch:x86

