General
Target: NEW PURCHASE ORDER SHEET 04576 pdf.exe
Size: 948KB
Sample: 210114-f51jzbg3lx
MD5: 8d85488ae3a9f7d866e2a694eec75c1f
SHA1: 9a81c957e4fcc2ea4c0089044154048c91eccd82
SHA256: e8fc6222b30e251e6d11e20eb4b315a1b9a389fc076f31963d6780016075b1b4
SHA512: 09d79e5de54e61018a695fac08f950615f6f64704b983a5b929a318b07c56a575fbeee5b19464d21362389f1672bc8c63df088a2da378914e5106cfbe9845a61
Static task: static1
Behavioral task: behavioral1
Sample: NEW PURCHASE ORDER SHEET 04576 pdf.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
194.5.97.66:1840
Targets
Target: NEW PURCHASE ORDER SHEET 04576 pdf.exe
Uses the VBS compiler for execution
Suspicious use of SetThreadContext