Extracted

• • Target

    821d957d791a738bc9291023b3fcfdba_JaffaCakes118

  • Size

    5.8MB

  • MD5

    821d957d791a738bc9291023b3fcfdba

  • SHA1

    45a9c98112635a6b315dbb51ff57518bcb21162d

  • SHA256

    13bd3bce48623001f138193a33eb91a1bcbd7e41abaa58c199e3722367d695b4

  • SHA512

    9dff560a102bc599aeb7d9ff7dd35c025078be00279a20f580ea36059d15074f399ab2b9e6066bab58278ad4d26387a72044860112c758d013f78babb966aa1f

  • SSDEEP

    98304:dQMNsQsNxQ79gg3gnl/IVUs1jePsqthvHrFHa7a1gg3gnl/IVUs1jePs:dQnQM4bgl/iBiPftLIagl/iBiP

  Score

  10^/10

  gozibankerdiscoveryisfbtrojanupx

  • Gozi

    Gozi is a well-known and widely distributed banking trojan.

    bankertrojangozi

  • Gozi family

    gozi

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2