o5p0se[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

o5p0se/documents.lnk

windows7_x64

o5p0se/documents.lnk

windows10-2004_x64

o5p0se/o5p0se.dll

windows7_x64

o5p0se/o5p0se.dll

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

o5p0se/documents.lnk

Resource

win7-20220414-en

icedid 1060798742 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

o5p0se/documents.lnk

Resource

win10v2004-20220414-en

icedid 1060798742 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

o5p0se/o5p0se.dll

Resource

win7-20220414-en

icedid 1060798742 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

o5p0se/o5p0se.dll

Resource

win10v2004-20220414-en

icedid 1060798742 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

o5p0se.zip
Size

379KB
MD5

81f2fd78dbb7ce94dc7cc438f3d554e8
SHA1

c31d4b9ca622ed966c3e2b4d80e93618f90b1da3
SHA256

a299c4df4706f75c60e1f53e39dff00126317de565a0afdfd7bf26381966e7d4
SHA512

0d2faba5ff48ebb3c93bdca7017f6e04bf17c6c6bd4e3738b55f51bba1e5ba66c6da9019f6311f94fa81843d90dcbd0dd191f4cfb010e3f094271761c399384d
SSDEEP

6144:DlToHYIJ+Dhmg32cb7VbalbybGh8TQdzGmFgVQTmc1At1PoP3KEhsBesN+Zg:DlTo4IeCcvVbsybGh4Qdz7gVEgZjtZNN

Score

N/A

Malware Config

Signatures

Files

o5p0se.zip
.zip
o5p0se/documents.lnk
.lnk
o5p0se/o5p0se.dll
.dll windows x64

710ad2892125df22be22b5bd4ddda1d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

imm32

ImmGetDefaultIMEWnd
ImmGetIMEFileNameW
ImmGetContext
ImmGetCandidateListW
ImmGetGuideLineA
ImmGetOpenStatus
ImmEscapeW
ImmGetCompositionWindow
ImmGetCandidateWindow
ImmEnumInputContext

usp10

ScriptCPtoX
ScriptGetFontScriptTags
ScriptGetProperties
ScriptGetCMap
ScriptItemizeOpenType

shlwapi

StrFormatByteSize64A
StrSpnA
StrCpyNW

msvfw32

GetOpenFileNamePreviewA
MCIWndRegisterClass
DrawDibRealize
ord2
DrawDibSetPalette
DrawDibGetBuffer
ICCompress

Exports

Exports

CHfatdFR
CJre8dshU
CRhiupfs
DGTZ8WpqlqD
F9Ovar
HNTKeEKK
U3EG9D258m
V2ru3UJ2bK
VJzDlBjvssP
XLYb8m5
aP0KAdbC
bI60t40p
fGgldmspEo
ijniuashdyguas
ltW2D3
mXZTzbcSj3
nKT0p3t
ptkbnorL
sLKhgzQEuHK
uboBUMNd
yJtE5ZYc

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy