General
Target: godflex-r2.exe
Size: 2.1MB
Sample: 210101-qkmj5qr8t6
MD5: bc9d8bf64ab149a01edd9bfe3cc8dad9
SHA1: abb61ea183d5d9e5a2a0f81aeda36abb6adf1aa0
SHA256: 6624ce134dd16a37d6615483002f24b74c74c55b45259bc5408b7ae804d0fe22
SHA512: 72330be2414f04a7557caea52739f9e2721b22a73b9416b441875a42f46e531dd51213fd3259e0c862b82035ba68694651ebffe2547370866896fa52ca1df729
Static task: static1
Behavioral task: behavioral1
Sample: godflex-r2.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
193.111.198.220:5861
Targets
Target: godflex-r2.exe
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- JavaScript code in executable