General
Target: atiflash_293.sfx.exe
Size: 6.5MB
Sample: 210112-vdfste1nlx
MD5: 6e1b3fc0daa62b5de4bdbc7d694c0e15
SHA1: 3c6e62e21f2b58461c4b888f55ee2c1a5712003a
SHA256: d1a4049ba690a122863c55c4c7b35e18fdd25225dcb1f5e0a08a7c9f8ddb77be
SHA512: 9f9171ed2c22e63c72fd980d6960b0c0876a2f0bc41dc3b8c6a99b679f2947de6fdd73e070bd7bb2de59af5040644e058bdb575c58ac535861b7810d6422aecb
Static task: static1
Behavioral task: behavioral1
Sample: atiflash_293.sfx.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
5.45.87.29:8000
Targets
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
JavaScript code in executable