General
Target: 000000000900R.exe
Size: 288KB
Sample: 210112-49fp69f5nj
MD5: 59212ff2e885a97ae9065e66e14b3098
SHA1: 5ffdef8ddb19cc49c8863210ea62b802055073bc
SHA256: 0760d3239a1163436238b85852142f3477a87dba6f222737db19d99aa48092a7
SHA512: 045f2e23c5879f20bbc15ffb82c32e17d94331c730e28e68f097d9b8d64a729780da580b4e6ac440aded3ee17278f78930f60d8ebb4c696f18e50d125f377e56
Static task: static1
Behavioral task: behavioral1
Sample: 000000000900R.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
45.137.22.52:8780
Targets
Target: 000000000900R.exe
Drops startup file
Suspicious use of SetThreadContext