General
Target: atikmdag-patcher 1.4.8.zip
Size: 5.4MB
Sample: 210118-69t1fkmm62
MD5: 36a7d86de9205494b572d9d25b43df16
SHA1: fed2bfbb5a6e076402d23cc9a67503d64214e1e2
SHA256: 08e0470a48ebeeee59903dd283d342ddae4b3b7e3c092fc61719a3bd4f063166
SHA512: 90a00589faf3bfc2eff115099c2f6aa9aecd24f0e941ec68d13504f0dacdf305602b77946c7291f93985d53b29eee6c92c77c9671e1e4ead6c0762b6e1db1683
Static task: static1
Behavioral task: behavioral1
Sample: atikmdag-patcher 1.4.8/atikmdag-patcher.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
5.45.87.29:8000
Targets
Target: atikmdag-patcher 1.4.8/atikmdag-patcher.exe
Size: 2.9MB
MD5: 5dc2c1bb5ccd25decce1c1814f3435ac
SHA1: 3bd1484e0eabef3dce07fcefc79995cfaf5a54e8
SHA256: cb50306b9f47d5c817c1d700c7533f5b7ed50017b22b7e05fdbf5faddb769198
SHA512: ee5557135f179b807026c3b1062781f54978ba75ed932f404fbce6847f9ff2296c1f4455a50aa36ecaa1f0129340ec2feb11d81c6d9055ef633e30e36ae1dae1
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL