Contract#8879[.]iso | Triage

Submit
Reports

Overview

overview

Static

static

Contract.lnk

windows7-x64

3

Contract.lnk

windows10-2004-x64

3

unbelt/bri...rly.js

windows7-x64

3

unbelt/bri...rly.js

windows10-2004-x64

1

unbelt/hotheaded.dll

windows7-x64

unbelt/hotheaded.dll

windows10-2004-x64

unbelt/unm...la.cmd

windows7-x64

1

unbelt/unm...la.cmd

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Contract.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

Contract.lnk

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

unbelt/bridgetownPopularly.js

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

unbelt/bridgetownPopularly.js

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

unbelt/hotheaded.dll

Resource

win7-20220812-en

qakbot bb 1663774884 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

unbelt/hotheaded.dll

Resource

win10v2004-20220812-en

qakbot bb 1663774884 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral7

Sample

unbelt/unmelodiouslySheila.cmd

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

unbelt/unmelodiouslySheila.cmd

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Contract#8879.iso
Size

1.1MB
MD5

c196d477026992295a275ea0a4e48035
SHA1

4d346fa25a05b812fed07487ff63208879415f8d
SHA256

d96d02243cad3bfd80eda30b240391d941969aa59c770507e16904ba10e6881e
SHA512

5823ec50ef403691c83ad4cebf75b3f782f9a3cc249d08d88ae4eb46040fcc1f4e92fb88143abf2d36d6b8fcfdc4dc7ec76d036346e4f93bffd03354126f7548
SSDEEP

12288:139yPbTo9KByskGoWHwa0nZXKlhb/H9TT+iTojfQCA3kptT68JtQzB5UT+QD1lNm:139yPbTornEjYNAeh4X668Jc5w9M+a

Score

N/A

Malware Config

Signatures

Files

Contract#8879.iso
.iso
Contract.lnk
.lnk
fireman/fodder.txt
unbelt/bridgetownPopularly.js
.js
unbelt/eyelid.png
.png
unbelt/hotheaded.db
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
unbelt/unmelodiouslySheila.cmd

© 2018-2024

Terms | Privacy