sample[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

nerol3.dll

windows7_x64

1

nerol3.dll

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

nerol3.dll

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

nerol3.dll

Resource

win10v2004-20220414-en

icedid 3118344709 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

sample.zip
Size

346KB
MD5

2cbde09e3d655b15315705ecef6fb831
SHA1

6a3a238806974e8e54151a60e6cf0dafb62cae40
SHA256

1c471f6693f916a16134d04315134fab29cb616b7f58b1a524cf7eba98fa5a2d
SHA512

7a673e00d7daa9ae7e4bd47493398a2cf5fc517498a0ad62672214b14dd3320af0c7126e1a1b22e458d3c35426d2ee688a38b38a1bcbc8da72095c2c169a4d0c
SSDEEP

6144:cVdjxasV1rxVrJyCR2fY7d2qiYRIjg1baaaTRVPZEBIJ2S11vargWj51G0x2Y4eD:edjUsVBjrJtRY0dtiBmaacZSIJd1Qrgy

Score

N/A

Malware Config

Signatures

Files

sample.zip
.zip

Password: infected
nerol3.dll
.dll windows x64

Password: infected

4bb28c546bbb522d27d1dea91bc98797

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

uxtheme

GetThemeBitmap
GetThemeTextMetrics
DrawThemeTextEx
EnableTheming
SetThemeAppProperties
GetThemeSysBool
GetThemeBool
HitTestThemeBackground
BufferedPaintClear

rasapi32

RasSetCredentialsW
RasGetEntryPropertiesW
RasGetEntryPropertiesA
RasSetEntryDialParamsW
RasSetEntryDialParamsA
RasHangUpA
RasSetAutodialParamA

Exports

Exports

AIbiK6eNQMI
E6qZ9H8
EIb3u6
LCY0JWOkQ
PluginInit
PqcZwQT
SLxwd046MP
TalBe3Ao
UZ5qSiZDS
YnbZXgetS34
aflgBRhSKpq
bXxLjYhUpHH
jIq2bPgf
oTSwTtd8C
piD3XV9l9nV
xbr1Caglbpp
yEWJB77Wyc
yMVdWcp2

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy