General
Target: atikmdag-patcher_1.4.7.zip
Size: 5.4MB
Sample: 210115-gd1yej4p16
MD5: 76d638ab7f56450b12a72a221f3d1c92
SHA1: 93a67242f5098eb76ce33c6e6a5db0668e9cf920
SHA256: 109b8048c135d43e06ca9014242bc8594575b9ba3da2c97ade9ff9bbd37cc7f0
SHA512: e41b803960ff5c9f30295d4c341cf22653b6740f98157618dbd1081b8559dac7ac5f9ddd61f21c33f66c26d1f29f009b63cdea3cb9917a4868d390ed9bfd6d37
Static task: static1
Behavioral task: behavioral1
Sample: atikmdag-patcher_1.4.7/atikmdag-patcher.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
5.45.87.29:8000
Targets
Target: atikmdag-patcher_1.4.7/atikmdag-patcher.exe
Size: 2.9MB
MD5: c38133ac0fdf5c4265c0a144bf8e27b9
SHA1: f16f40c915c7a44b144d877108a54bb6f9891704
SHA256: f5fd48cb502aac5d090612e1a9d22e62e3788ae4d475206e1b6a0df84a309e1b
SHA512: c6f32cbad10790749cb711e427132ed55c7617fb3ab44bcc09decdc1342b759ddd3cc874ac8fa861711fafc969175e58475e42d987500f04fa9f9723122a4004
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL