zippedISO_ta578[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

documents.lnk

windows7_x64

documents.lnk

windows10-2004_x64

o5p0se.dll

windows7_x64

o5p0se.dll

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

documents.lnk

Resource

win7-20220414-en

icedid 1060798742 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

documents.lnk

Resource

win10v2004-20220414-en

icedid 1060798742 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

o5p0se.dll

Resource

win7-20220414-en

icedid 1060798742 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

o5p0se.dll

Resource

win10v2004-20220414-en

icedid 1060798742 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

zippedISO_ta578.zip
Size

387KB
MD5

be3b4ceced523d89f0f1f141d33c0021
SHA1

776dba1035e627401276fc4c76ff8151314fb3ac
SHA256

85ce7016ae32e9fa8a51534f48d4a31b46a0c7f4d3eb862942b161c877c34ba4
SHA512

7e1dcedb06764ed57a98da9e6e2c75fdc5b60a1e738ee4044a1895e59cba745d58e41bc45a616578a876d8921ac0dd980550870c89cc39853b54119aac7bb510
SSDEEP

6144:ZAWSr6x68Z0FAnvcW4RvDVrNzI7CQcpjpLNOunCwFyUQFLI4FsDNLk9WBlr:CWSrs0YpKrNc7QL8wYUMihqIlr

Score

N/A

Malware Config

Signatures

Files

zippedISO_ta578.zip
.zip
documents.lnk
.lnk
o5p0se.dll
.dll windows x64

21ad313d9c4568665dda6873dbbe8c41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

imm32

ImmGetContext
ImmGetConversionStatus
ImmEscapeW
ImmInstallIMEW

gdi32

GetCharABCWidthsI
GetClipRgn
GetBrushOrgEx
GetDCPenColor
DescribePixelFormat
CreateBitmap
CreateRoundRectRgn
GetFontData

usp10

ScriptSubstituteSingleGlyph
ScriptStringOut
ScriptString_pLogAttr
ScriptGetGlyphABCWidth
ScriptApplyDigitSubstitution

shlwapi

StrToInt64ExW
StrChrW
StrCmpIW

Exports

Exports

BQ0dxRx
IEW9SbH
OFYTT3
PZig8FkTJFh
QBSVXsS7
RbRwbKUckIj
Uoio2jYRi1
WOGeqpuGCJ
Y1RVFiJ
gWEr9lTH
hUiDpVs
ijniuashdyguas
s06gpnK2N
sKX12Z
t5xVuVO2XBO
v8gKTVB

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy