circular_29092022[.]iso | Triage

Submit
Reports

Overview

overview

Static

static

NisSrv.exe

windows7-x64

1

NisSrv.exe

windows10-2004-x64

circular_29092022.pdf

windows7-x64

1

circular_29092022.pdf

windows10-2004-x64

1

circular_2...df.lnk

windows7-x64

3

circular_2...df.lnk

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

NisSrv.exe

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

NisSrv.exe

Resource

win10v2004-20220812-en

netwire botnet rat stealer

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

circular_29092022.pdf

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

circular_29092022.pdf

Resource

win10v2004-20220901-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral5

Sample

circular_29092022.pdf.lnk

Resource

win7-20220901-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral6

Sample

circular_29092022.pdf.lnk

Resource

win10v2004-20220901-en

netwire botnet rat stealer

windows10-2004-x64

13 signatures

150 seconds

General

Target

circular_29092022.iso
Size

768KB
MD5

b5bdf09f5f778b14f1eb4bb5a77209b6
SHA1

eca3b1d788a473c8336d8c5a9719bfb74ae01d38
SHA256

cd592c969a3a940e43888a1902ec9e4605ed28676d3945ab84d72175fbc87253
SHA512

f5ac111382f8e177bef7adb46cde3cbd942242b13265bcf465386abd97d670f0cf1b519df7b624ebae6ac5d200d7a2f8f954e9a35487cf36a0a5cab3e4d4e654
SSDEEP

12288:1QeS5W5CtoNFZj4QySHYca0UjzVDFKH3ox5y3:1QeScotGj4Q3a0U/VDFKXa58

Score

N/A

Malware Config

Signatures

Files

circular_29092022.iso
.iso
NisSrv.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 476KB - Virtual size: 475KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
circular_29092022.pdf
.pdf
circular_29092022.pdf.lnk
.lnk

© 2018-2024

Terms | Privacy