General
Target: kart gecmisi.exe
Size: 578KB
Sample: 210112-l469yarnxe
MD5: 7495739b74f9944c06d6b005421af606
SHA1: 79a1d3dc1a2c97c06f8749da5a9f4bc08ecc131f
SHA256: dcfaf32061b7ac3546b3d618dfea1372195cc4d57ff21de2cf6c918797cfa788
SHA512: 3f6de9c9fbf290e9c28e724cfecbd2b00f33d63bd0c21b4da4cbe4d40a8ce62c39b57374da38df0bbd2c2783659c9464bbdd062c786ec96452ccd4d1792534d4
Static task: static1
Behavioral task: behavioral1
Sample: kart gecmisi.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
45.137.22.52:8780
Targets
Target: kart gecmisi.exe
Drops startup file
Suspicious use of SetThreadContext