General
Target: DHL1.exe
Size: 486KB
Sample: 210105-h8band2am2
MD5: 769cad9655cea5fd5955cc86b5e0c87d
SHA1: d838dfb733cc4017890c5d036a7517de1e70d3fe
SHA256: b67361c9d7c2bcbe7e94b698f4d5abd1e6ffd96429d2c66dcfd92a573303e4f0
SHA512: f9d5aa31daff55631fbf2402bfdc20dc5503e5423db5f75fdbd2fbe76650cbe1db36e5918c67c1757e41b43b7f0f5bc53fa613595bf955f5447c60c08c216a67
Static task: static1
Behavioral task: behavioral1
Sample: DHL1.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
u875414.nvpn.to:2404
u875414.duckdns.org:2404
u875414.ddns.net:2404
u875414.nsupdate.info:2404
Targets
Target: DHL1.exe
Suspicious use of SetThreadContext