General
Target: Factura Serfinanza_07333334324_62906820_122421665872145481_0242814_732782006747315187_255836870_pdf.exe
Size: 1.1MB
Sample: 201228-vw9677k2kx
MD5: 9fe8183a8b73cd8f0a6462ff590aefb3
SHA1: b3dec78c3642ccac9b851c42739f8303c5513951
SHA256: c4474ec3fff006547f07255d6934d846e5a298a97a38aff50fcc95e92ee9dfcb
SHA512: 42dce59f20635112213bae991889b305b9897138701e8a2f17d853ff385833d1686dcf9daea3aa3726c396cc65f9947eb6b56a4b49c97582e34b57ed37e3f13f
Static task: static1
Behavioral task: behavioral1
Sample: Factura Serfinanza_07333334324_62906820_122421665872145481_0242814_732782006747315187_255836870_pdf.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Factura Serfinanza_07333334324_62906820_122421665872145481_0242814_732782006747315187_255836870_pdf.exe
Resource: win10v20201028
Malware Config
Extracted
remcos
databasepropersonombrecomercialideasearchwords.services:7680
Targets
Target: Factura Serfinanza_07333334324_62906820_122421665872145481_0242814_732782006747315187_255836870_pdf.exe
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext