ArtItem3069356283[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

Art.lnk

windows7-x64

3

Art.lnk

windows10-2004-x64

3

banners/de...ted.js

windows7-x64

3

banners/de...ted.js

windows10-2004-x64

1

banners/in...ds.cmd

windows7-x64

1

banners/in...ds.cmd

windows10-2004-x64

1

banners/ma...on.dll

windows7-x64

banners/ma...on.dll

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Art.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

Art.lnk

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

banners/deactivatesUnimpacted.js

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

banners/deactivatesUnimpacted.js

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

banners/incidentallyOnwards.cmd

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

banners/incidentallyOnwards.cmd

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

banners/machination.dll

Resource

win7-20220901-en

qakbot bb 1664184863 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

banners/machination.dll

Resource

win10v2004-20220812-en

qakbot bb 1664184863 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

General

Target

ArtItem3069356283.zip
Size

592KB
MD5

d903a2b8081e90ad1e0e2f22381af631
SHA1

f748db7be9c9f0cd10388eda7ed822b16f509cbc
SHA256

59d428f2bbe2c469a62cbb83b067faed395052f832ae24c224a92a5637feae2b
SHA512

780dc3d94325808f66bafaee21e0c65b598a55c3a65d04b96be703c9cfbd09beccdb6a8f203a8b02fe4e7c4ff8aa084010bd8175f281e5e422e750f41d169f94
SSDEEP

12288:si0R6YOH/Ht1A1BxxzYfvZehPCRzDZOsfhxe64ZBEEvxdf7xN/uO5:gRRM/HTArxxzYfvZeh4zxz4ZBE+nf7L7

Score

N/A

Malware Config

Signatures

Files

ArtItem3069356283.zip
.zip

Password: H436
Art#3005.iso
.iso

Password: H436
Art.lnk
.lnk
banners/citizens.gif
banners/deactivatesUnimpacted.js
.js
banners/incidentallyOnwards.cmd
banners/machination.db
.dll windows x86

Password: H436

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 726KB - Virtual size: 725KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
banners/reddens.gif
banners/transmuted.png
.png

© 2018-2024

Terms | Privacy