General
Target: Rbmmuoavjkz8.exe
Size: 1.2MB
Sample: 201112-4zdwhgymtx
MD5: 92a24000ceaaf6dfffe49237ce46c711
SHA1: 8ddd627b8f77d01d3f20541e66c43f6196573e12
SHA256: c9a855a5da51e96ec9c3c59f6331939b49bbdee2d9309f61ce92e326abdb3895
SHA512: 6ecb7e65b795f7bc4984d2b6b5a4b622d7d3979d24ce414e6373e58ad834b1161870489ab5efe5c8edfa7ce1b8ff31e06ee8e3ba067a24c7d68dd80cf8504128
Static task: static1
Behavioral task: behavioral1
Sample: Rbmmuoavjkz8.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
latua.nsupdate.info:7722
fanta.nsupdate.info:7722
coke.nsupdate.info:7722
Targets
Target
Rbmmuoavjkz8.exe
Suspicious use of SetThreadContext