forensics[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

CardS.lnk

windows7-x64

3

CardS.lnk

windows10-2004-x64

3

anticipati...nt.cmd

windows7-x64

1

anticipati...nt.cmd

windows10-2004-x64

1

anticipati...tan.js

windows7-x64

3

anticipati...tan.js

windows10-2004-x64

1

anticipati...lo.dll

windows7-x64

anticipati...lo.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

CardS.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

CardS.lnk

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

anticipations\battelEndpoint.cmd

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

anticipations\battelEndpoint.cmd

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

anticipations\fateSamaritan.js

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

anticipations\fateSamaritan.js

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

anticipations\hello.dll

Resource

win7-20220812-en

qakbot bb 1664358901 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

anticipations\hello.dll

Resource

win10v2004-20220901-en

qakbot bb 1664358901 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

General

Target

forensics.zip
Size

355KB
MD5

b6df97c7b41371d1df7abccc7999ff52
SHA1

6371ac2c098ed56af071aa4d3c87329c1234f599
SHA256

35968b09cbca9b4c33f16f11007ff0d6663af1fdcfa62721157f81f1c167a238
SHA512

4855d6fe4813277627ec00f14997cf4c3d522a5b270d81a5d326011597c30b9b1e6c1eb963f0425828353e5ccd5c2b11ee7aa82b9dbe84db7bf55da240f7adeb
SSDEEP

6144:KaAlqTwepT/JhzQdZbxWtM3Da9C/27Lf4arOcC+KOYLCOTS5cwRz7WTfxAWVeXfB:KtNCcxseJ/2ffXrLC8YmmERnWTfaaqB

Score

N/A

Malware Config

Signatures

Files

forensics.zip
.zip
CardS.lnk
.lnk
anticipations\battelEndpoint.cmd
anticipations\fateSamaritan.js
.js
anticipations\hello.db
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy