Extracted

• • Target

    3e3a28251de1027b5b21a8d987ec72a2f38f0a50f2d73d502c525965d4c411fd.exe

  • Size

    68KB

  • MD5

    b0589d33167a2f3a585f83ca9d57c172

  • SHA1

    c5256e83894d28c84bd6e2417835028dc2582dac

  • SHA256

    3e3a28251de1027b5b21a8d987ec72a2f38f0a50f2d73d502c525965d4c411fd

  • SHA512

    582cba8de83561b26f4a4c3c738ae4d5411ce312995e58b84d3126019bfeac14fc059b1d4fc62d6b4de67205fadda43cddf9d685590b083ae8cb839cce43f86e

  • SSDEEP

    1536:BRtqbQ/nR6MfVUI9aQXhIf41wt9G+1Cm2tvdZ0CmuJd5:Vz4aVxhB1S1et7Bbd5

  Score

  10^/10

  discoveryupxgozibankerisfbtrojan

  • Gozi

    Gozi is a well-known and widely distributed banking trojan.

    bankertrojangozi

  • Gozi family

    gozi

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2