General
-
Target
Loading-Documents,pdf.exe
-
Size
423KB
-
Sample
200707-vvb7rxn1mn
-
MD5
4df66339be6f263c7c6e398cc65de65e
-
SHA1
6810fbf18ada8cdbc5d228c0db2bc01ca029fddf
-
SHA256
18f32daab9bac5909cf9fe9bfaba3183104ae5ec60bdafc8091214887e966195
-
SHA512
b0be3f88d7cde12e9fdb7f451f30b8b996c7eae12ad29bd8c313312af38c2b5d7f765da0af55d0554f04ff44f769a4cb8453b8f02e6c2e30914528f1fc609de8
Static task
static1
Behavioral task
behavioral1
Sample
Loading-Documents,pdf.exe
Resource
win7
Behavioral task
behavioral2
Sample
Loading-Documents,pdf.exe
Resource
win10v200430
Malware Config
Extracted
remcos
jamesanderson68986.ddns.net:1965
Targets
-
-
Target
Loading-Documents,pdf.exe
-
Size
423KB
-
MD5
4df66339be6f263c7c6e398cc65de65e
-
SHA1
6810fbf18ada8cdbc5d228c0db2bc01ca029fddf
-
SHA256
18f32daab9bac5909cf9fe9bfaba3183104ae5ec60bdafc8091214887e966195
-
SHA512
b0be3f88d7cde12e9fdb7f451f30b8b996c7eae12ad29bd8c313312af38c2b5d7f765da0af55d0554f04ff44f769a4cb8453b8f02e6c2e30914528f1fc609de8
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-