9ead0f19-de2b-401d-9c22-a5e4d53bba5d[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

REJ.lnk

windows7-x64

3

REJ.lnk

windows10-2004-x64

3

oslo/cattily.cmd

windows7-x64

1

oslo/cattily.cmd

windows10-2004-x64

1

oslo/connotation.dll

windows7-x64

oslo/connotation.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

REJ.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

REJ.lnk

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

oslo/cattily.cmd

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

oslo/cattily.cmd

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

oslo/connotation.dll

Resource

win7-20220901-en

qakbot obama213 1665998932 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

oslo/connotation.dll

Resource

win10v2004-20220812-en

qakbot obama213 1665998932 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

General

Target

9ead0f19-de2b-401d-9c22-a5e4d53bba5d.zip
Size

828KB
MD5

d02c4bc79a2801bbe691f5ba1f5ea7b4
SHA1

a64f66a5077cbd56978a0871e76c932ddcb6b052
SHA256

9292de4688ab7992bd9311e57fe8e7f9b3f6c6f1d6bebb0ade072c27205ed445
SHA512

c60b10a8989b29396644b351fa30beba2156a1a689495959421e1ec05c10fbd8ec4fa9e99634bcad2574166cd9daa178246a530c39727c09489a8bc0817bf3cf
SSDEEP

24576:9QtLF+N7/VgKzWSHlQeo4W8R9e7zIzpNSz2zwRM:eIeYWSFQV4feHBSzwRM

Score

N/A

Malware Config

Signatures

Files

9ead0f19-de2b-401d-9c22-a5e4d53bba5d.zip
.zip

Password: abc555
REJ_3241.iso
.iso .vbs

Password: abc555
REJ.lnk
.lnk
oslo/cattily.cmd
.cmd .vbs
oslo/connotation.dat
.dll windows x86

Password: abc555

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
oslo/nicks.txt
oslo/train.png
.png

© 2018-2025

Terms | Privacy