General
Target: HSBC1A1B2988TT0180120_PDF.exe
Size: 332KB
Sample: 210118-bygcct28ja
MD5: ef6a60d48453d28ae1edf388b0c48354
SHA1: b3009ecdba328e1c87fc62f97dbb8896b6e8d966
SHA256: bf0e82358921791e16998b942e600a500a967f6e5c5b034a675af7e49663a34f
SHA512: 32e952f00d1baab17be94db8df11f78457b39ff6d1f0f90b024836e4fe24d8a6e49124bea2e7726e1bc9c02c47c08c128e42150ce10a09707ad03c4f7c635542
Static task
static1
Behavioral task
behavioral1
Sample
HSBC1A1B2988TT0180120_PDF.exe
Resource
win7v20201028
Malware Config
Extracted
remcos
jackpiaau.duckdns.org:4902
ihechi.ddns.net:4902
Targets
-
-
Target
HSBC1A1B2988TT0180120_PDF.exe
-
Suspicious use of SetThreadContext
-