General
Target: e8594ea84a7a42ce70570019cff754a6.exe
Size: 1.3MB
Sample: 210112-2m2c4r9hex
MD5: e8594ea84a7a42ce70570019cff754a6
SHA1: 28c61ddbc341aff36ef147f1cb9139b7d055caf1
SHA256: 3e1b557d439ca592c369de0b80c576820f61dcbc12c8babae78f3e30ba34f0af
SHA512: 2cd119489120dee762c4a7821230f05924e6c99f79d7bc54e0bd4437256ec7526b906fe8f69c959f89ab001a055d6feeaa120e1174998577b17178351c8bf1b9
Static task: static1
Behavioral task: behavioral1
Sample: e8594ea84a7a42ce70570019cff754a6.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: e8594ea84a7a42ce70570019cff754a6.exe
Resource: win10v20201028
Malware Config
Extracted
remcos
swryijgrvcsgkopnmcdertvgdswbvmophtfdczxs.ydns.eu:2017
Targets
Target: e8594ea84a7a42ce70570019cff754a6.exe
Score: 10/10
Executes dropped EXE
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext