General
Target: FDA_certs.exe
Size: 371KB
Sample: 201109-6kz36b2lbe
MD5: 9c547767c3059a4aa991b4b4413725bb
SHA1: fd83c2cf73a959255d01abca9d681af4c62d5dbf
SHA256: 246fb765947ed62ef616f5f714642ff0db639983582c0fa2cbab9ad251669b78
SHA512: 1a3e2250804bc524750cdf3517b51af04e6988bc080a2d35468fc2e16758b6cd8970ff416ce0a009cbda387b31aaa0e698e8e5d1aba3f60c6110e069e4c1b1b7
Behavioral task: behavioral1
Sample: FDA_certs.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
kmt.duckdns.org:3039
kmt-2.duckdns.org:3039
Targets
Target
FDA_certs.exe
Suspicious use of SetThreadContext