Contract#4299[.]iso | Triage

Submit
Reports

Overview

overview

Static

static

Contract.lnk

windows7-x64

3

Contract.lnk

windows10-2004-x64

3

unbelt/fifty.dll

windows7-x64

unbelt/fifty.dll

windows10-2004-x64

unbelt/pre...ing.js

windows7-x64

3

unbelt/pre...ing.js

windows10-2004-x64

1

unbelt/tic...ly.cmd

windows7-x64

1

unbelt/tic...ly.cmd

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Contract.lnk

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

Contract.lnk

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

unbelt/fifty.dll

Resource

win7-20220812-en

qakbot bb 1663774884 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

unbelt/fifty.dll

Resource

win10v2004-20220901-en

qakbot bb 1663774884 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral5

Sample

unbelt/pressurizingFollowing.js

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

unbelt/pressurizingFollowing.js

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

unbelt/ticklingClinically.cmd

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

unbelt/ticklingClinically.cmd

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Contract#4299.iso
Size

1.1MB
MD5

0b6923383126a55a7d6f66dbc19c13e2
SHA1

16cf9eb8170858b14c81023c1c4409153a3041d5
SHA256

6f2ad3cbf94e38717fb4becdfe7bdeded42ef777879a55b596ae53d9442975be
SHA512

35e31867a5958fd153c12d8a48c4b6e73e8da769b73911c16e6750f03be9127d13ad8ec40410b5b12cd8a69782ae9dae87839f7bbef71c89ef77c3e3c74495ef
SSDEEP

12288:d39yPbTonKByskGoWHwa0nZXKlhb/H9TT+iTojfQCA3kptT68JtQzB5UT+QD1lNm:d39yPbToxnEjYNAeh4X668Jc5w9M+a

Score

N/A

Malware Config

Signatures

Files

Contract#4299.iso
.iso
Contract.lnk
.lnk
fireman/fodder.txt
unbelt/eyelid.png
.png
unbelt/fifty.db
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
unbelt/pressurizingFollowing.js
.js
unbelt/ticklingClinically.cmd

© 2018-2024

Terms | Privacy