General
Target: OverdriveNTool 0.2.8.zip
Size: 5.9MB
Sample: 210118-gv8ajazb8a
MD5: c8824c5761a3fbe47dabc0cde130b1d7
SHA1: 35cf87529505999a3810fb66dcd2318c9a1f6422
SHA256: ef72ed441c71a243e87b94b8cf265b1d8bc6205dddc51cbd86b252430a6f495a
SHA512: b79f1c20e0653a0a361ea2b9277062cba216b96ceea83f795d0a20c2aea1671a56b4618ae3dcdacf1fce9db031098022d13f127f3c1e0945f2d19331a8190961
Static task: static1
Behavioral task: behavioral1
Sample: OverdriveNTool 0.2.8/OverdriveNTool.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
5.45.87.29:8000
Targets
Target: OverdriveNTool 0.2.8/OverdriveNTool.exe
Size: 3.0MB
MD5: 791cfdc666b5c26233e23ebfe588064a
SHA1: 781b30041f7a9dfbd2050e1f9514e3c946b751c4
SHA256: 26101a6e025abc1a65c1675503f45a6d067198af56901960dd1b019fbfdacb01
SHA512: a59a5931212086b0a252685daaab36136336a51ed8811d7285245e34b803247b25ee116b65346efa698a7eb8793992a7826cf5cd51ac81329630ec9e6394d84f
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL