General
Target: 89b2357e89f357fba520dc35157a8285bf67bb5bf50e48510b9331287d8a2e80
Size: 1.2MB
Sample: 200714-a6mr5nrxgn
MD5: db806fa70eeb4e0d42f85f3bfaf45d8e
SHA1: 22e9ff02e668be7f0b01a33ce3a90ac257d7927d
SHA256: 89b2357e89f357fba520dc35157a8285bf67bb5bf50e48510b9331287d8a2e80
SHA512: 9eedda030efabccd9a24838c68e23268cb0d9ea1d444e09155ad257ae05c9fb20f5d3f0f63b7bacb0ed42979caf62d07ad710328c304186001b0805dc8aeb82b
Static task: static1
Behavioral task: behavioral1
Sample: 89b2357e89f357fba520dc35157a8285bf67bb5bf50e48510b9331287d8a2e80.exe
Resource: win7v200430
Malware Config
Extracted
remcos
jswork.duckdns.org:6767
jswork.ddns.net:6767
Targets
Target: 89b2357e89f357fba520dc35157a8285bf67bb5bf50e48510b9331287d8a2e80
Drops startup file
Suspicious use of SetThreadContext