treasury[.]db | Triage

Submit
Reports

Overview

overview

Static

static

treasury.dll

windows7-x64

1

treasury.dll

windows10-1703-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

treasury.dll

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

treasury.dll

Resource

win10-20220812-en

icedid 2909555027 banker loader trojan

windows10-1703-x64

3 signatures

150 seconds

General

Target

treasury.db
Size

679KB
MD5

d6d9279f33ae617f303a7d23d3a9d4c6
SHA1

00f2dcc3851ae48c8d23739d051aad423a824010
SHA256

3b5f1e4942e4d13778e9ad9cd051ee2820e55b06966472e5764facecbcc94f28
SHA512

1ce4b8df974639cbaf7d396050092ada1d2f67efc829d0871980eb337cccef11307e7e5709d9af763ccde31bd6ee9a40ba8f7c644aa8ee64a141b6c7b80994b2
SSDEEP

6144:NMjneLstVgH2yICXFa98HrqnlSGbezqOcLf/1O5800oBKMvUfEfm/A:NMjeqd2XxGbfOqfVmKMuY

Score

N/A

Malware Config

Signatures

Files

treasury.db
.dll windows x64

d0bacade726006a49f7134ab798a87b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetFileType
CloseHandle
GetLastError
DeleteFileA
CreateEventW
VirtualAlloc
OpenFile
GetFileSize
WaitForSingleObject
CreateFileA

gdi32

GetFontLanguageInfo
GetBkMode

shlwapi

StrPBrkA
StrChrIA

Exports

Exports

ANFTazoXUcCWTVEq
BpfSyiKsOCW
DirCUuTJeQXHdOvn
FUZUloXUteO
GQjASCIGAvXNyHey
KmajjpmdaaglCW
RiRFnWZOaKzSfWXx
XKZeGtVPybRktb
dyuabshduyasdasidkasa
jTSlHhLpVrdk
myJTDmqszbUNDOKo
pClNYDXOgaQ
ssLvIdjsgTs
tTfiTFjMXCBcA
wdgGPXAXUklqcKQ

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 672KB - Virtual size: 672KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sqgb
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy