files[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

Important.lnk

windows7-x64

3

Important.lnk

windows10-2004-x64

3

tathipsatc...ow.bat

windows7-x64

1

tathipsatc...ow.bat

windows10-2004-x64

1

tathipsatc...ng.dll

windows7-x64

tathipsatc...ng.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Important.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

Important.lnk

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

tathipsatcub/elevateeyebrow.bat

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

tathipsatcub/elevateeyebrow.bat

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

tathipsatcub/sweeping.dll

Resource

win7-20220812-en

icedid 537138462 banker loader trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

tathipsatcub/sweeping.dll

Resource

win10v2004-20220901-en

icedid 537138462 banker loader trojan

windows10-2004-x64

3 signatures

150 seconds

General

Target

files.zip
Size

36KB
MD5

f2ee946b493a143f0b58975f43e6780e
SHA1

dcd1551a84d88877cda72d8abfa04dc533ceb2e5
SHA256

321439d33123f5e36c94bb609d0f5cec62950fcf2b676d08adf3515e1f54d1b3
SHA512

3f84417c26027e708062d27650413f319612b9c02dc3e0eb622375c2b03a8268d6873269fb0bc06c39b4c9c9a9d22934ff89b2ebc0a8ec28868f1f8aaf8b94bd
SSDEEP

768:XkGkWWoIOBX4Rb30+XJsOdqIWWOlaiCgZCBzf+dEqpphNAxG+:XTpIOBX4Z30SOuWW7XBSlZU

Score

N/A

Malware Config

Signatures

Files

files.zip
.zip
Important.lnk
.lnk
tathipsatcub/elevateeyebrow.bat
tathipsatcub/sweeping.dat
.dll windows x64

a8ce5a7531b75661998823badeb4ca06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WaitForSingleObject
CreateEventA
VirtualAlloc
GetConsoleCP
GetConsoleMode
ReadConsoleInputW
FillConsoleOutputCharacterW
FillConsoleOutputAttribute
SetConsoleOutputCP
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetConsoleCursorPosition
SetConsoleTextAttribute
SetConsoleWindowInfo
ScrollConsoleScreenBufferW
ReadConsoleOutputW
SetConsoleTitleW
GetConsoleDisplayMode

uxtheme

DrawThemeEdge
HitTestThemeBackground
ord47

msvfw32

MCIWndCreateA
MCIWndRegisterClass

Exports

Exports

CZOnKvcNagoQvWaJ
FcBngEDLSVga
GMxxJCuNOUxx
HxfgaVWQesU
LgyPeZRTxPwDchW
MIbBJaiUynA
MterDbARYffSJII
NOJLNdjugTfiiWwW
QcYlCvhVfEcgeUeD
WeZBSIwskKXnTY
bVKOMAKRNrcuw
gXVKPUEAmQUeoa
jQeffisJYPtbsHx
uhandahygstdgahuisjdjnsuays

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy