General
Target: HashUpUtility.sfx.exe
Size: 5.8MB
Sample: 201224-n4wa1zmkxs
MD5: bbb3a49ef87ede0d986947c9a50fcaac
SHA1: c89a832fdcb63f8278c1596b3a258abcb179f6eb
SHA256: 61d9f4cbc76b7889d7d17d262b63c0fd2ee40642653063b1eb6ab84397f8c57b
SHA512: f1984dbba8cfa14c664ad99bd48816e7dca81405d7c30a9e2d61b4627b34a6b95797df2715f7b79789e79cc0401bcd8a84a9da12ad7727080322fafd931c108a
Static task: static1
Behavioral task: behavioral1
Sample: HashUpUtility.sfx.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
93.158.208.100:27065
Targets
Target: HashUpUtility.sfx.exe
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- JavaScript code in executable
- Suspicious use of SetThreadContext