General
-
Target
QUOTATION 18 1 2021.exe
-
Size
1011KB
-
Sample
210118-3cywatqg9s
-
MD5
86bf1b4b8a10cbad324603bdfe946f90
-
SHA1
efa4298cbc45052986d42c59564ff37b56a61925
-
SHA256
721059bc4edd6685620382cf7c1f86f95f8b20317e4bb22d0e8d364705f73c2e
-
SHA512
78ed2a27fd6496f34314ba2b32e3d37d2f6dd2ac32fd5ec932865087ae2a622ca3dac4e2ae8db69bc014d805f39d6cf2e16edaf654e07d276e355d6c0bd2a106
Static task
static1
Behavioral task
behavioral1
Sample
QUOTATION 18 1 2021.exe
Resource
win7v20201028
Malware Config
Extracted
remcos
79.134.225.100:1011
Targets
-
-
Target
QUOTATION 18 1 2021.exe
-
Size
1011KB
-
MD5
86bf1b4b8a10cbad324603bdfe946f90
-
SHA1
efa4298cbc45052986d42c59564ff37b56a61925
-
SHA256
721059bc4edd6685620382cf7c1f86f95f8b20317e4bb22d0e8d364705f73c2e
-
SHA512
78ed2a27fd6496f34314ba2b32e3d37d2f6dd2ac32fd5ec932865087ae2a622ca3dac4e2ae8db69bc014d805f39d6cf2e16edaf654e07d276e355d6c0bd2a106
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-