Extracted

• • Target

    6e8670df26d315d0a4237f0e30059607_JaffaCakes118

  • Size

    1.3MB

  • MD5

    6e8670df26d315d0a4237f0e30059607

  • SHA1

    98659ad61685fef590d21b8c7cde2ef39616ff6b

  • SHA256

    8764cb1626b18c9f17c77f29013f29a838ff19c5ffdcfa2bf1d15fc0d145ba1a

  • SHA512

    fc0e19352d8a8cab90f5e73557a64df22ff973a5592ee7a3b2becb13a99ce335a8a9aecf9022b9dd3eba3448a8ab7d183398c9e5c47a00d31e48ff32b12b4b7d

  • SSDEEP

    24576:No4XyqBxu2jFr5AUVOzRHFfnbNnurlb2RooGGVhGoGZSvrNL/iYW+IZIyUxU9/9j:S/2jFGFRlfntSlb2mtqxy+5L/iY6ZITe

  Score

  10^/10

  discoveryupxgozibankerisfbtrojan

  • Gozi

    Gozi is a well-known and widely distributed banking trojan.

    bankertrojangozi

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2