Pt4r56MIsgOIM4orQT2wchOJ7kCSAfuEm8q0TJAMNR8[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

Pt4r56MIsg...R8.zip

windows7-x64

1

Pt4r56MIsg...R8.zip

windows10-2004-x64

1

REJ_1126.iso

windows7-x64

3

REJ_1126.iso

windows10-2004-x64

3

REJ.lnk

windows7-x64

3

REJ.lnk

windows10-2004-x64

3

oslo/edges.cmd

windows7-x64

1

oslo/edges.cmd

windows10-2004-x64

1

oslo/thonged.dll

windows7-x64

oslo/thonged.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Pt4r56MIsgOIM4orQT2wchOJ7kCSAfuEm8q0TJAMNR8.zip

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Pt4r56MIsgOIM4orQT2wchOJ7kCSAfuEm8q0TJAMNR8.zip

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

REJ_1126.iso

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

REJ_1126.iso

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

REJ.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

REJ.lnk

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

oslo/edges.cmd

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

oslo/edges.cmd

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

oslo/thonged.dll

Resource

win7-20220901-en

qakbot obama213 1665998932 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

oslo/thonged.dll

Resource

win10v2004-20220812-en

qakbot obama213 1665998932 banker stealer trojan

windows10-2004-x64

5 signatures

150 seconds

General

Target

Pt4r56MIsgOIM4orQT2wchOJ7kCSAfuEm8q0TJAMNR8.bin
Size

829KB
MD5

cd6eb46b1967b6172c87405d75d1798f
SHA1

f011c73608c4a0d15f2f87caca2b0a8626990acb
SHA256

3ede2be7a308b20388338a2b413db0721389ee409201fb849bcab44c900c351f
SHA512

3fc8bdca7f6156e85e3521c7dd0ef9711dbb256cccedb0dc0a940dbd2b6da45244cdc7b160a8e722d30f5f5cf01cb935b1f088f1a08dafbe08fbb758bfb890c0
SSDEEP

12288:XrDMx7L8t5EXL1EIFUHgwAs/gwA0Q8/xuoIao2rb4yy/YCSwJcMhiflkr+PSzG:XrDs8t5EyI6Bvgs4n2fy/FJcMhi90PzG

Score

N/A

Malware Config

Signatures

Files

Pt4r56MIsgOIM4orQT2wchOJ7kCSAfuEm8q0TJAMNR8.bin
.zip

Password: abc555
REJ_1126.iso
.iso .vbs

Password: abc555
REJ.lnk
.lnk
oslo/edges.cmd
.cmd .vbs
oslo/nicks.txt
oslo/thonged.dat
.dll windows x86

Password: abc555

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
oslo/train.png
.png

© 2018-2025

Terms | Privacy