Contract#5302[.]iso | Triage

Submit
Reports

Overview

overview

Static

static

Contract.lnk

windows7-x64

3

Contract.lnk

windows10-2004-x64

3

unbelt/guinea.dll

windows7-x64

unbelt/guinea.dll

windows10-2004-x64

unbelt/inv...ing.js

windows7-x64

3

unbelt/inv...ing.js

windows10-2004-x64

1

unbelt/sta...al.cmd

windows7-x64

1

unbelt/sta...al.cmd

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Contract.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

Contract.lnk

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

unbelt/guinea.dll

Resource

win7-20220812-en

qakbot bb 1663774884 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

unbelt/guinea.dll

Resource

win10v2004-20220812-en

qakbot bb 1663774884 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral5

Sample

unbelt/investsFettering.js

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

unbelt/investsFettering.js

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

unbelt/staredDictatorial.cmd

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

unbelt/staredDictatorial.cmd

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Contract#5302.iso
Size

1.1MB
MD5

00f770cbcf347de2a4ccc2a8ad13375a
SHA1

ac5677fa3dd7f180c0b3cd98f9f89fafaf8f9068
SHA256

8e9265fba8f03efd532c2a686f5adfbc203488570577210a16d87767125023d4
SHA512

7828a62e256003ebf038d691e848c0978ca51621b9d056df60185060c1e0974f1af058a6cd1d4518e7f46da64ca4c431782224a3dbb8a47d8806c08632ef6d62
SSDEEP

12288:+39yPbTonKByskGoWHwa0nZXKlhb/H9TT+iTojfQCA3kptT68JtQzB5UT+QD1lNm:+39yPbToxnEjYNAeh4X668Jc5w9M+a

Score

N/A

Malware Config

Signatures

Files

Contract#5302.iso
.iso
Contract.lnk
.lnk
fireman/fodder.txt
unbelt/eyelid.png
.png
unbelt/guinea.db
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
unbelt/investsFettering.js
.js
unbelt/staredDictatorial.cmd

© 2018-2024

Terms | Privacy