stolenImagesSample[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

documents.lnk

windows7_x64

documents.lnk

windows10-2004_x64

o5p0se.dll

windows7_x64

o5p0se.dll

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

documents.lnk

Resource

win7-20220414-en

icedid 1060798742 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

documents.lnk

Resource

win10v2004-20220414-en

icedid 1060798742 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

o5p0se.dll

Resource

win7-20220414-en

icedid 1060798742 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

o5p0se.dll

Resource

win10v2004-20220414-en

icedid 1060798742 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

stolenImagesSample.zip
Size

387KB
MD5

70b2a9977d72e967a37e5d965fb52c3d
SHA1

cbc2d35ba156dcfe6772da79bb439b466089ac88
SHA256

6f1b9bf0e7a14fa84bdb676b30eb92644dcfae7c42b10794b7ca88851bfe5921
SHA512

9a6caacc73a5588df6c583832c4455354867574e7be53d3d7a2d92050ff7ec84c15a244c672ce4f4a8b73eb2ef23a250db8f3e22d597c531a1b005bb96253432
SSDEEP

6144:NzT6SajF+JzJPWNvGzodgmQng5wiN28eeZiLITLDTMUZBfOWyhC:tBaszJPWBSxmQYi9LIHDTMUPfOWoC

Score

N/A

Malware Config

Signatures

Files

stolenImagesSample.zip
.zip
documents.lnk
.lnk
o5p0se.dll
.dll windows x64

21ad313d9c4568665dda6873dbbe8c41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

imm32

ImmGetContext
ImmGetConversionStatus
ImmEscapeW
ImmInstallIMEW

gdi32

GetCharABCWidthsI
GetClipRgn
GetBrushOrgEx
GetDCPenColor
DescribePixelFormat
CreateBitmap
CreateRoundRectRgn
GetFontData

usp10

ScriptSubstituteSingleGlyph
ScriptStringOut
ScriptString_pLogAttr
ScriptGetGlyphABCWidth
ScriptApplyDigitSubstitution

shlwapi

StrToInt64ExW
StrChrW
StrCmpIW

Exports

Exports

BQ0dxRx
IEW9SbH
OFYTT3
PZig8FkTJFh
QBSVXsS7
RbRwbKUckIj
Uoio2jYRi1
WOGeqpuGCJ
Y1RVFiJ
gWEr9lTH
hUiDpVs
ijniuashdyguas
s06gpnK2N
sKX12Z
t5xVuVO2XBO
v8gKTVB

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy