invoice-0009[.]iso | Triage

Submit
Reports

Overview

overview

Static

static

HEESRICD/CRIHNQKO.cmd

windows7-x64

3

HEESRICD/CRIHNQKO.cmd

windows10-2004-x64

1

HEESRICD/ETPZENER.js

windows7-x64

1

HEESRICD/ETPZENER.js

windows10-2004-x64

1

HEESRICD/J...fh.pdf

windows7-x64

1

HEESRICD/J...fh.pdf

windows10-2004-x64

1

HEESRICD/KRTQRRFH.dll

windows7-x64

HEESRICD/KRTQRRFH.dll

windows10-2004-x64

invoice.pdf.lnk

windows7-x64

3

invoice.pdf.lnk

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

HEESRICD/CRIHNQKO.cmd

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

HEESRICD/CRIHNQKO.cmd

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

HEESRICD/ETPZENER.js

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

HEESRICD/ETPZENER.js

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

HEESRICD/JG343534I3khfdfgkdfh.pdf

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

HEESRICD/JG343534I3khfdfgkdfh.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral7

Sample

HEESRICD/KRTQRRFH.dll

Resource

win7-20221111-en

icedid 3606255791 banker loader trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

HEESRICD/KRTQRRFH.dll

Resource

win10v2004-20221111-en

icedid 3606255791 banker loader trojan

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

invoice.pdf.lnk

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

invoice.pdf.lnk

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

invoice-0009.iso
Size

1.1MB
MD5

ac162909e008bdb042ad2362d2c01902
SHA1

aa2039b03669cfc8d720f08ed4aebbcdefb4938b
SHA256

873d02bb3d248110c1db5155acd11811ba99c4689ceb2eb148fba49f712d3ff8
SHA512

7e613884b305ace6165c4f2e0322074e40da6a89f588d8b11fe84e80d8166088fa70c2d235beb506a98a1aa1e1d282f3ba60e55dd54e9d3d8522195bc9debb86
SSDEEP

24576:KVlBZkyFvIJPjhsYQAq2l6ncIJGGY7NuRUB3SVlBZkyFvIJPjhszwoBwJwJH:KVlHkbjhsY9q2l6ndJGGY7NuRUEVlHki

Score

N/A

Malware Config

Signatures

Files

invoice-0009.iso
.iso
HEESRICD/BMJLFRHB.TXT
HEESRICD/CRIHNQKO.cmd
HEESRICD/ETPZENER.js
.js
HEESRICD/JG343534I3khfdfgkdfh.pdf
.pdf
HEESRICD/KRTQRRFH.dat
.dll windows x64

0fa1b5485dd7b18a8134317d62007564

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

usp10

ScriptApplyDigitSubstitution
ScriptStringCPtoX
ScriptItemize
ScriptFreeCache

shlwapi

StrRetToBSTR
StrRChrIW
StrRStrIA
StrStrNW

rasapi32

RasDeleteEntryW
RasGetEntryPropertiesW
RasGetProjectionInfoA

Exports

Exports

DPwVTBBAqU
Duhfajksafijujkas
OfLDWnFZBXP
ULdDjZrGj
UpeKxqM
YNkxYhaeQ
aTXOhMHhLTn
qbPTkhSVUKH
sYjsbGt
tqaldZW
xaEUpF
yNhMIRR

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

pht
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cdr
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HEESRICD/MZLBOOZU.TXT
HEESRICD/VXGGWTGV.TXT
HEESRICD/YXIFAKOA.PNG
.png
invoice.pdf.lnk
.lnk

© 2018-2024

Terms | Privacy