core[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

cmd.bat

windows7_x64

1

cmd.bat

windows10-2004_x64

1

erupt-x32.dll

windows7_x64

erupt-x32.dll

windows10-2004_x64

sugar_x64.dll

windows7_x64

sugar_x64.dll

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

cmd.bat

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

cmd.bat

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

erupt-x32.dll

Resource

win7-20220414-en

icedid 1057461280 banker core_loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

erupt-x32.dll

Resource

win10v2004-20220414-en

icedid 1057461280 banker core_loader trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

sugar_x64.dll

Resource

win7-20220414-en

icedid 1501064257 banker core_loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

sugar_x64.dll

Resource

win10v2004-20220414-en

icedid 1501064257 banker core_loader trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

core.zip
Size

2.0MB
MD5

eae4900354e32eafb06a9c55e38a5ffb
SHA1

429945e6f10fee0006778f4e2151da6aa095e1ed
SHA256

47959778e5198ed2c06e6fcd35ed633e69ee3adf098aade13a6118f0d9db69f3
SHA512

19b9282ef61421fd44bb6a8744efef35a710856e5ff48d1007cca095a1acdbe11a80677b67edb7c48c5d5abbbdeb4b5573de1b25954131cf739827fb7b73f360
SSDEEP

24576:Ag1Nc6/zyxnSl/0uTO1qtOqSn9Dhx5jVHYF+ey9SkH2MBLnFbTeVdaxOgdBbUB64:AVbr2q9I

Score

N/A

Malware Config

Signatures

Files

core.zip
.zip

Password: infected
cmd.bat
erupt-x32.dat
.dll windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

DvxktJDj
HMqD5ItE7F
IFPGpxXa
Ze6rUmb9
fseyuhjdss
hH8TwAUkF

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 827KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
license.dat
sugar_x64.tmp
.dll windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

KXwED4zqdcv
LW4WPmx
MIYjFHK1DvG
UolFot
Vtco8g
ayuhsgvydshj
h2sxa2Pu
nW9tCV
nWG0Fc
rQMqk3ZxWgN
rSMWF4B
y0uWvwW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 827KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy