General
-
Target
TASK RFQ TK011421.exe
-
Size
1.1MB
-
Sample
210114-g3zfcqxw2a
-
MD5
77bbd1804b806928cedfedac403e6bde
-
SHA1
2e034daa0929154667399674bfe48cbc5a724b40
-
SHA256
5199dc12c469b0f3ea916ec486beb1ce45714b490186624df71a42a2b26abb7d
-
SHA512
4e0fd0b3a5ac6cae895dcd742b05d6ec6b4f86b4cf52df9d6801a8609b19384984742a92c3b13667cee5d67ac020864c77d530a791913088d42c2636d7e0c17f
Static task
static1
Behavioral task
behavioral1
Sample
TASK RFQ TK011421.exe
Resource
win7v20201028
Malware Config
Extracted
remcos
jackpiaau.duckdns.org:4902
ihechi.ddns.net:4902
Targets
-
-
Target
TASK RFQ TK011421.exe
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-