General
-
Target
Factura Serfinanza_031796927323_096721_5976158998367620_326563_08900792964825324_20917639155821_pdf.exe
-
Size
1.1MB
-
Sample
201228-e5svjtgt3a
-
MD5
7e0cf5dc618d5b851c465b683184485d
-
SHA1
c3dc0ab54014b13bd00cdcdf93b46441ca25c83d
-
SHA256
c18f07d962d9753b946c6aa1b3af535f55c3cdc15e55fa647546a4cfd09796ca
-
SHA512
61280ad02a0d19dee59b8082fb8ab1362cded538f4737d78d572cd203d547b113adbfae4cebe661667d45d8410fc874134f602dbec8b3e7bd034b184cdbb0610
Static task
static1
Behavioral task
behavioral1
Sample
Factura Serfinanza_031796927323_096721_5976158998367620_326563_08900792964825324_20917639155821_pdf.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Factura Serfinanza_031796927323_096721_5976158998367620_326563_08900792964825324_20917639155821_pdf.exe
Resource
win10v20201028
Malware Config
Extracted
remcos
databasepropersonombrecomercialideasearchwords.services:7680
Targets
-
Target
Factura Serfinanza_031796927323_096721_5976158998367620_326563_08900792964825324_20917639155821_pdf.exe
Score
10/10
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-