240f1bfee962f56cc11c784b6cd2d01ce408eaff828a02209174f16fe62942e1 | Triage

Submit
Reports

Overview

overview

Static

static

1

Agreement_...r4.zip

windows10-2004-x64

1

Agreement_...r4.xll

windows10-2004-x64

1

Agreement_...r4.xll

windows10-2004-x64

Analysis

max time kernel
1399s
max time network
1225s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
15-03-2023 15:38

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Agreement_138439_Mar4.zip

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Agreement_138439_Mar4.xll

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

1800 seconds

Behavioral task

behavioral3

Sample

Agreement_138439a_Mar4.xll

Resource

win10v2004-20230220-en

qakbot obama242 1678805546 banker stealer trojan

windows10-2004-x64

15 signatures

1800 seconds

Report Analysis Logs

General

Target

Agreement_138439_Mar4.zip
Size

1.5MB
MD5

e0500dca79e9a372d1dbcbcadf898b73
SHA1

dafeded2db4dc008a8943c848954ea55a5cdd3c1
SHA256

240f1bfee962f56cc11c784b6cd2d01ce408eaff828a02209174f16fe62942e1
SHA512

2c811eefabafe2ec77c31227ad5824283a4e5932465757d89ca9b93a32aff4622128a87365ab4339a64fa1378e745dd7fe75a1e5740e41bd4abe7f6d1eb03877
SSDEEP

49152:wOA4ENIGDFC/yGxS8RFW/pwpsSNJucr5upB+Ajq:wi8IGAyCS8veSLuGaRjq

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Agreement_138439_Mar4.zip
1⤵
PID:4732

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4532

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy