General
Target: atiflash_293.exe
Size: 2.6MB
Sample: 210101-d49m727bcn
MD5: 0e9aa72a849986562d22f61e0fd09086
SHA1: 410a799cd5ed227384d1aa4e97939dbcc24f0c36
SHA256: 1202173f3ce4f49947f8e6554991a320c7a6e5faced43bec6a3bd051d13f7666
SHA512: 2bbf1dcf3979ff40c622a0cd0d90f08953f7de0452bf6b49cfbc1c45f570098591b4054bfeceb2b6035de08afe5d5afc787dcc549024c8747aab6d7ff133b596
Static task: static1
Behavioral task: behavioral1
Sample: atiflash_293.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
5.61.56.10:9003
Targets
Target: atiflash_293.exe
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
JavaScript code in executable