Contract8591[.]iso | Triage

Submit
Reports

Overview

overview

Static

static

Contract.lnk

windows7-x64

Contract.lnk

windows10-2004-x64

liveried/theorize.cmd

windows7-x64

1

liveried/theorize.cmd

windows10-2004-x64

1

liveried/u...ed.dll

windows7-x64

liveried/u...ed.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Contract.lnk

Resource

win7-20220812-en

qakbot bb04 1666265103 banker stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Contract.lnk

Resource

win10v2004-20220901-en

qakbot bb04 1666265103 banker stealer trojan

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

liveried/theorize.cmd

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

liveried/theorize.cmd

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

liveried/unfeigned.dll

Resource

win7-20220812-en

qakbot bb04 1666265103 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

liveried/unfeigned.dll

Resource

win10v2004-20220812-en

qakbot bb04 1666265103 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

General

Target

Contract8591.iso
Size

698KB
MD5

375ed6437aebbddee6e9fb9352293378
SHA1

2eb4c7948a8c99e24c19042392b2b3bd675ce41c
SHA256

978be3c23613151ddb6411dec2f975c67f1ae7431f5193bda800a3a4b1f58da2
SHA512

72efd8e99830d33eda37a65b0d80ae75adcf63bfb0754236f0e12d194fbaba3d02d42a08d5a1d45d6aa986a066a47013406f3f203b2f7a64a05e4c22c58e1147
SSDEEP

12288:d5zUU6VCu0L4yCLtaNExGapWYKv38Ay9XRHPh3M4B90U6Zt:bQhVCPnCoApOv3z2hxM4BKZ

Score

N/A

Malware Config

Signatures

Files

Contract8591.iso
.iso .vbs

Password: NH833
Contract.lnk
.lnk
liveried/theorize.cmd
.cmd .vbs
liveried/unfeigned.ssd
.dll windows x86

Password: NH833

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy