General
Target: RFQ_211844_PR20Q-6706.pdf.exe
Size: 798KB
Sample: 210115-5zwta97166
MD5: e906dcfa1f501b9599e0ca8b1948dba9
SHA1: f91c2ba6c48e545d5e1573e5af96c70596de6e5a
SHA256: 0823947e84275cb6348efabe268b0cb461ffc0f9ec3f6a6e97d514bf7cd4310d
SHA512: 056062ea44ebb7e68b60bf80ecf45fb2eb6e1790023856cf6cdfa1f8c63f5c2232cd2a63d59aee14513e9df309f893d6fe1bee0b6bb1731ba82beec5ec9bfe2c
Static task: static1
Behavioral task: behavioral1
Sample: RFQ_211844_PR20Q-6706.pdf.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
194.5.97.174:1990
Targets
Target: RFQ_211844_PR20Q-6706.pdf.exe
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext