zippedISO2_20220629[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

documents.lnk

windows7_x64

documents.lnk

windows10-2004_x64

s4pesa.dll

windows7_x64

s4pesa.dll

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

documents.lnk

Resource

win7-20220414-en

icedid 3652318967 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

documents.lnk

Resource

win10v2004-20220414-en

icedid 3652318967 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

s4pesa.dll

Resource

win7-20220414-en

icedid 3652318967 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

s4pesa.dll

Resource

win10v2004-20220414-en

icedid 3652318967 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

zippedISO2_20220629.zip
Size

419KB
MD5

a195f97ac5324ae7399c2e1b7032632c
SHA1

20de1f21975bafd8c65cfa01e9a755d5edb5e3d7
SHA256

509894489774d018fa5b6bea3c27307559a294cc4a6743800b65877e68dce0a0
SHA512

753a0aaf3191585448c1190403f5fea741f7d041956c69c1e5556b5442ccc4a0c17eebe8a5d6de461713a9667d647dbe01f5254d8d2179f364870a4ba8dc73ef
SSDEEP

12288:kQN1ArUMeYpEOwY8/quBWtL+ti8JoOaXW8N:kQN1Ar8WPwY6cWiGoPmk

Score

N/A

Malware Config

Signatures

Files

zippedISO2_20220629.zip
.zip
documents.lnk
.lnk
s4pesa.dll
.dll windows x64

0c386dcb6969524b143d3607f3fff6cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateDialogIndirectParamA
DrawStateA
InsertMenuW
DrawMenuBar
DdeEnableCallback
FindWindowW

imm32

ImmConfigureIMEW
ImmGetCompositionFontW
ImmGetConversionStatus
ImmEnumRegisterWordA

usp10

ScriptGetCMap
ScriptGetFontProperties
ScriptStringXtoCP

ole32

CoGetClassObject
WriteClassStm
CoRegisterInitializeSpy
CoTreatAsClass
HMENU_UserMarshal
OleCreateLink
OleCreateFromFile
OleRegGetMiscStatus

Exports

Exports

Hyuasbbjhas
S6CSff9
Z1a0oYSm6
eEranvp
hp6pnYlHiJ
qFYbuL

Sections

.text
Size: 729KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy