stolenImages_20220629[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

documents.lnk

windows7_x64

documents.lnk

windows10-2004_x64

p3roms.dll

windows7_x64

p3roms.dll

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

documents.lnk

Resource

win7-20220414-en

icedid 3652318967 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

documents.lnk

Resource

win10v2004-20220414-en

icedid 3652318967 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

p3roms.dll

Resource

win7-20220414-en

icedid 3652318967 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

p3roms.dll

Resource

win10v2004-20220414-en

icedid 3652318967 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

stolenImages_20220629.zip
Size

419KB
MD5

f20a6837929f54cc0ff21426ee758b2f
SHA1

12b8756d548f05e4caeb69a6e99a82ef60e7cc44
SHA256

6652ddcac8409e8aebeb6b051ac58015b25340774ba22ff2f08d46c196cbd42c
SHA512

2f10947a52cdcd48dbf6f803e38f97120b00e3fad4744c651740270eb41ab6f045c22f95c3994470954efd60622ccad89d77aaf06a7f12a941596696d76b8e05
SSDEEP

12288:/a8gVGKSLWTvQJlow9McS3cdmJyvApJertU2wDRP+uT:BAlzvQYwicAcdDvApJertdwV+uT

Score

N/A

Malware Config

Signatures

Files

stolenImages_20220629.zip
.zip
documents.lnk
.lnk
p3roms.dll
.dll windows x64

0c386dcb6969524b143d3607f3fff6cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateDialogIndirectParamA
DrawStateA
InsertMenuW
DrawMenuBar
DdeEnableCallback
FindWindowW

imm32

ImmConfigureIMEW
ImmGetCompositionFontW
ImmGetConversionStatus
ImmEnumRegisterWordA

usp10

ScriptGetCMap
ScriptGetFontProperties
ScriptStringXtoCP

ole32

CoGetClassObject
WriteClassStm
CoRegisterInitializeSpy
CoTreatAsClass
HMENU_UserMarshal
OleCreateLink
OleCreateFromFile
OleRegGetMiscStatus

Exports

Exports

Hyuasbbjhas
S6CSff9
Z1a0oYSm6
eEranvp
hp6pnYlHiJ
qFYbuL

Sections

.text
Size: 729KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy