General
Target: Fwd request for quotation.exe
Size: 576KB
Sample: 210114-4atq2y11j6
MD5: 10a8dcefb614399d981c930727440c45
SHA1: 34d59574e7266fab63bb00de7a7877595bf9a607
SHA256: a982ada2d2ac5c1f57a98aeb33fb4cb64cf90f04aabba376c675f5a7a086fd60
SHA512: 8d7f3e44f1d2e42fb1e1eadfc63dc99311e7a73839dcf29362745838a867056bcf9752d0f8128289a4d4df9d2b9da444ea081dae37b0f1d14e2f19430a7e70a4
Static task
static1
Behavioral task
behavioral1
Sample
Fwd request for quotation.exe
Resource
win7v20201028
Malware Config
Extracted
remcos
194.5.97.90:1234
Targets
Target
Fwd request for quotation.exe
Suspicious use of SetThreadContext
-