9D-SO0vUYnXXdxh8R92jXuY0VdJE5fKbkbB8k8PLVo4[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

Claim#8265.iso

windows7-x64

3

Claim#8265.iso

windows10-2004-x64

3

7769/7932.cmd

windows7-x64

8

7769/7932.cmd

windows10-2004-x64

8

7769/racily.dll

windows7-x64

7769/racily.dll

windows10-2004-x64

Claim.lnk

windows7-x64

3

Claim.lnk

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Claim#8265.iso

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

Claim#8265.iso

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

7769/7932.cmd

Resource

win7-20220812-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

7769/7932.cmd

Resource

win10v2004-20220901-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

7769/racily.dll

Resource

win7-20220812-en

qakbot banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

7769/racily.dll

Resource

win10v2004-20220812-en

qakbot banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral7

Sample

Claim.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

Claim.lnk

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9D-SO0vUYnXXdxh8R92jXuY0VdJE5fKbkbB8k8PLVo4.bin
Size

631KB
MD5

9c7c5d481609fd857b15d95cefc15440
SHA1

c748511c6e6be9ba70e74240a1918b8beac115d1
SHA256

f43fd23b4bd46275d777187c47dda35ee63455d244e5f29b91b07c93c3cb568e
SHA512

083efb53d0d26f89a1b58f2f4c350d491f19f19e1ff7381857ea8deccaa2fd262970568b5d142194a7ab4889d5811db6d2f9b83ed6113bb37ba604f37fc58bf3
SSDEEP

12288:ErvqSBsstAq97yuUdg731ACEhV6azAolan26W+zUqyGGrVieVdqC1pYC0:uvqSWuyJq1ACEH6azAoT7ubhGrViu1pi

Score

N/A

Malware Config

Signatures

Files

9D-SO0vUYnXXdxh8R92jXuY0VdJE5fKbkbB8k8PLVo4.bin
.zip

Password: abc777
Claim#8265.iso
.iso .vbs

Password: abc777
7769/7932.cmd
.cmd .vbs
7769/immigration.txt
7769/racily.dat
.dll windows x86

Password: abc777

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 880KB - Virtual size: 880KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Claim.lnk
.lnk

© 2018-2025

Terms | Privacy