General

  • Target

    badd9eb088b53d871a973cd7d70d79c2

  • Size

    2.3MB

  • MD5

    badd9eb088b53d871a973cd7d70d79c2

  • SHA1

    1d54bab28ed6b02892fd6494f0b0dea764db268b

  • SHA256

    4a6473b1726fe36d7f514f072307ed5aa5fce899b03388d5f8b78684a2cb3bc5

  • SHA512

    2efdff027c7e220d23cee0223b925e4410fdce1fa84f0c55732b54732675c8fd0828cd766a9f63ece444faa76b863874c9c3e58e1cb10823bb1074a33f56a997

  • SSDEEP

    49152:S6iQI2zzPdlzjbsuhRQHQxbHWTmD1SM0FfBbnROV8uzyMt8kx:xirozFlNhuHujm8S1fBDcV8uGax

Score
10/10

Malware Config

Extracted

Family

gozi

Signatures

  • Gozi family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • badd9eb088b53d871a973cd7d70d79c2
    .exe windows:4 windows x86 arch:x86

