Extracted

• • Target

    7319d6161d5a8c40179779a6acf1b176_JaffaCakes118

  • Size

    2.9MB

  • MD5

    7319d6161d5a8c40179779a6acf1b176

  • SHA1

    965ba1dc943fbb986a2f0c8f6e6e2b13da624584

  • SHA256

    553e9611f11d78da8f4cd14fbe732883496f5a0fc03d491c2916206cb0f599aa

  • SHA512

    e2c968b6da6c8fc758b3a99c892989d6255f375458e28bb1b550b25dbc11a0ae97d42a2b593c60e1e8ef8a56835ee7d3a14021a89f908908452b3b0112d5d1e5

  • SSDEEP

    49152:Zmu2Sgf8DAICIT5hplgqB/7Oxa1N74NH5HUyNRcUsCVOzetdZJ:92pf86ITTgqB/Ca14HBUCczzM3

  Score

  10^/10

  gozibankerdiscoveryisfbtrojanupx

  • Gozi

    Gozi is a well-known and widely distributed banking trojan.

    bankertrojangozi

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2