General
-
Target
zatiwinflash.exe
-
Size
3.9MB
-
Sample
210111-z14zm21ews
-
MD5
b482a15e02f50b37e00a2c4fccaac7f9
-
SHA1
b9874893328b43970e09c9d42319d0c3f044f448
-
SHA256
58c24970b7e3fd8a86585547df9a939b5cf6d5326b798400c804d9f55ddb3b10
-
SHA512
2f7aa997016b6013a41e9d658265fd988ef0e36228bd773414788cafd61d531a30fc060434b5689dd23bd62d00a44642f76434c314dc9b1f6cdf980cc6904512
Static task
static1
Behavioral task
behavioral1
Sample
zatiwinflash.exe
Resource
win7v20201028
Malware Config
Extracted
remcos
94.242.206.175:5883
Targets
-
-
Target
zatiwinflash.exe
-
Size
3.9MB
-
MD5
b482a15e02f50b37e00a2c4fccaac7f9
-
SHA1
b9874893328b43970e09c9d42319d0c3f044f448
-
SHA256
58c24970b7e3fd8a86585547df9a939b5cf6d5326b798400c804d9f55ddb3b10
-
SHA512
2f7aa997016b6013a41e9d658265fd988ef0e36228bd773414788cafd61d531a30fc060434b5689dd23bd62d00a44642f76434c314dc9b1f6cdf980cc6904512
-
Blocklisted process makes network request
-