12H5qQ_02Rcdg5kHA5qejyZOJZnKI0krZYgDBy-Vqoo[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

Contract1384.iso

windows7-x64

3

Contract1384.iso

windows10-2004-x64

3

Contract.lnk

windows7-x64

Contract.lnk

windows10-2004-x64

liveried/p...ss.cmd

windows7-x64

1

liveried/p...ss.cmd

windows10-2004-x64

1

liveried/sneak.dll

windows7-x64

liveried/sneak.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Contract1384.iso

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

Contract1384.iso

Resource

win10v2004-20220901-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

Contract.lnk

Resource

win7-20220901-en

qakbot bb04 1666265103 banker stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral4

Sample

Contract.lnk

Resource

win10v2004-20220901-en

qakbot bb04 1666265103 banker stealer trojan

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral5

Sample

liveried/prophetess.cmd

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

liveried/prophetess.cmd

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

liveried/sneak.dll

Resource

win7-20220812-en

qakbot bb04 1666265103 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

liveried/sneak.dll

Resource

win10v2004-20220901-en

qakbot bb04 1666265103 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

General

Target

12H5qQ_02Rcdg5kHA5qejyZOJZnKI0krZYgDBy-Vqoo.bin
Size

371KB
MD5

abe617bc0891f2a276673e02fcccf9e7
SHA1

95861337d629a9a04364b7efea182ea6fe69382e
SHA256

d761f9a90fb4d9171d839907039a9e8f264e2599ca23492b658803072fd5aa8a
SHA512

4e4cb4b7818c0725258603af52577c26e62b57a9d9c3f83ef7dd875dd098aab45ab8e96cfc20afed7041ef5a01a610ed31f76e4b1ab6aa963c6e77119336ac90
SSDEEP

6144:mLP7+71nczQlGAd83UEa1wvTUkjtOa/NpkAF5yoEaEe6JE41zmxPwDaxUdkn2nP:mLynczudXsvTUWtOa8AFQoEn5JltQIDB

Score

N/A

Malware Config

Signatures

Files

12H5qQ_02Rcdg5kHA5qejyZOJZnKI0krZYgDBy-Vqoo.bin
.zip

Password: NH833
Contract1384.iso
.iso .vbs

Password: NH833
Contract.lnk
.lnk
liveried/prophetess.cmd
.cmd .vbs
liveried/sneak.ssd
.dll windows x86

Password: NH833

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy