Contract#6800[.]iso | Triage

Submit
Reports

Overview

overview

Static

static

Contract.lnk

windows7-x64

3

Contract.lnk

windows10-2004-x64

3

publish/co...es.cmd

windows7-x64

1

publish/co...es.cmd

windows10-2004-x64

1

publish/patching.dll

windows7-x64

publish/patching.dll

windows10-2004-x64

publish/si...vo.vbs

windows7-x64

3

publish/si...vo.vbs

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Contract.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

Contract.lnk

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

publish/confessionalForbes.cmd

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

publish/confessionalForbes.cmd

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

publish/patching.dll

Resource

win7-20220812-en

qakbot banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

publish/patching.dll

Resource

win10v2004-20220812-en

qakbot banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral7

Sample

publish/silkwormsVolvo.vbs

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

publish/silkwormsVolvo.vbs

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

Contract#6800.iso
Size

1.3MB
MD5

3ae661058d7596fd3e6294e2122ad150
SHA1

8fa3184bd2dee5c228361d7aa48d3fc2c41d053f
SHA256

3a9a0af13e06ba635d38d1fdadabf62030dfa5dc2c7d94dec590d96bf6d00f1d
SHA512

326522e2425fb04f93e01763d8c8dca292c724f633a047d413e9f52e9b767b3ede5e73f3be3277887d6785f0acae322da1698785083c3846727ba948ffd0b0a7
SSDEEP

24576:0wFOHrwcwjHmvwiK7Jb0y/cT5SL32j1do5WFEJ4B38MXujjHH:0wFOHrwcwjHmvwiKb1/cT5Sr5lJI3ojn

Score

N/A

Malware Config

Signatures

Files

Contract#6800.iso
.iso
Contract.lnk
.lnk
publish/confessionalForbes.cmd
publish/depredating.txt
publish/grandparents.txt
publish/patching.dat
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
publish/purge.jpg
.jpg
publish/silkwormsVolvo.vbs
.vbs
publish/thrusters.txt

© 2018-2025

Terms | Privacy