Con49[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

Contract.lnk

windows7-x64

Contract.lnk

windows10-2004-x64

liveried/buster.cmd

windows7-x64

1

liveried/buster.cmd

windows10-2004-x64

1

liveried/s...ph.dll

windows7-x64

liveried/s...ph.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Contract.lnk

Resource

win7-20220901-en

qakbot bb04 1666265103 banker stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Contract.lnk

Resource

win10v2004-20220812-en

qakbot bb04 1666265103 banker stealer trojan

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

liveried/buster.cmd

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

liveried/buster.cmd

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

liveried/spectrograph.dll

Resource

win7-20220812-en

qakbot bb04 1666265103 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

liveried/spectrograph.dll

Resource

win10v2004-20220812-en

qakbot bb04 1666265103 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

General

Target

Con49.zip
Size

371KB
MD5

80fc1903fa5b89df96ee1b29116409a8
SHA1

a21491c30b04a70d592c91d71940427ef42d8a0b
SHA256

31167ad31e8e0b5b202f7e1666b3f8433c9712383d88f568a9063d2fdbfdd97b
SHA512

62a4a4e345d6e4c510c4c61a341eebbcbfd59b52fc1fe9cd944d2665bb61c12fcb49c637c0a529a1237dccd04c324ddc2957433db6cdb2ce2195e6d855ba188d
SSDEEP

6144:x97Y6kUPLNjkfUaZuIrmp6Vr5SaELsblM00PEhnu/ZyzCWtDa2iU3sEvfUuXZqOu:n7LNjkfUJIbtS/Ih8O2ZyjgHEvsuXAN/

Score

N/A

Malware Config

Signatures

Files

Con49.zip
.zip

Password: NH833
Contract5969.iso
.iso .vbs

Password: NH833
Contract.lnk
.lnk
liveried/buster.cmd
.cmd .vbs
liveried/spectrograph.ssd
.dll windows x86

Password: NH833

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy