General
Target: TASK RFQ TK011521.exe
Size: 901KB
Sample: 210115-dxfs5emyvn
MD5: 9618ffdc9d54fb0d153fb47e7e323983
SHA1: c3da94a42035f6b913ea6cd2b2e477bd8a71787d
SHA256: defe000395c5932a94450bd21a142a954d5113da26ee5127e8cab0980a62b042
SHA512: 67cbb8bb38278b3c6fbf974092cc77b7d17902c89a6d09d5ece7f84f7eda259b28f7ba9362f4c1a111b0d7b1205724a8d7ff21d2ca599d1eeafc0b6032fc435e
Static task: static1
Behavioral task: behavioral1
Sample: TASK RFQ TK011521.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
jackpiaau.duckdns.org:4902
ihechi.ddns.net:4902
Targets
Target: TASK RFQ TK011521.exe
Uses the VBS compiler for execution
Suspicious use of SetThreadContext