documents-04-106[.]iso | Triage

Submit
Reports

Overview

overview

Static

static

documents.lnk

windows7_x64

documents.lnk

windows10-2004_x64

setting.dll

windows7_x64

setting.dll

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

documents.lnk

Resource

win7-20220414-en

bumblebee all0504 evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

documents.lnk

Resource

win10v2004-20220414-en

bumblebee all0504 evasion trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

setting.dll

Resource

win7-20220414-en

bumblebee all0504 evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

setting.dll

Resource

win10v2004-20220414-en

bumblebee all0504 evasion trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

documents-04-106.iso
Size

2.4MB
MD5

e7bd30afec3ec9149327039f33c06943
SHA1

f603829ca3bf57a365d293989c0a3a42e14a2f6d
SHA256

422c03f96a72fdd657c2ebca1387bd1f6be6e0b1b30a352827c48ef6fc16995e
SHA512

941602b46d0eaa7424f475d9dd5d3eaf3f983fad63b013a605240ec6fe0f585b89d7bba4361eb40bf39dfb6877bbc176caecfc9ebefe817d5b39f55bd50c4d7b
SSDEEP

49152:pCfWjXZf7MQDeAUXTk/mR1vK5leReZMsCCMIh3SPb99lBPoVK:HtbTek/r5EeZMsCCMWSz7lBPoVK

Score

N/A

Malware Config

Signatures

Files

documents-04-106.iso
.iso
documents.lnk
.lnk
setting.dll
.dll windows x64

caa4998d009fa478f9874cb45a1842e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
SwitchToThread
GetCurrentThreadId
VirtualProtect
GetModuleFileNameA
GetModuleHandleExA
RequestDeviceWakeup
LoadLibraryA
LoadLibraryW
GetSystemWow64DirectoryW
CopyFileExW
AreFileApisANSI
GetCurrencyFormatA
SetThreadUILanguage
GetStringTypeExA
GetConsoleTitleA
GetProcAddress

user32

SendNotifyMessageA
OemToCharW
SetMenuItemInfoA
AllowSetForegroundWindow
MessageBoxIndirectW
EnumWindows
DefMDIChildProcA
DdeInitializeA

Exports

Exports

IternalJob
SetPath

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy