General
Target: SecuriteInfo.com.Trojan.GenericKD.36151210.5662.13366
Size: 1.3MB
Sample: 210118-letxnpaqns
MD5: 40c5609d0196211eae06a33b3bae5ec8
SHA1: a97cc0116b12526e68bdc1b7846810977abf6241
SHA256: 5adf963b1c92ba79a5003d87943b4cb6c8a72fb9db63d8922c43f6631ad27995
SHA512: 379281e99a5260d17891d9507101d39b3ee1e22c7924fbdb7120bb5af42c69063912a5f114ec258be9dbe41e4d6961098d113e5b3f06c89b9698fec764a68124
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.GenericKD.36151210.5662.13366.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Trojan.GenericKD.36151210.5662.13366.exe
Resource: win10v20201028
Malware Config
Extracted
Family: remcos
C2: wedsazxcvfghyuiokjhbnvfcdsaweyplmhbvrtud.ydns.eu:1996
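The hashes and the extracted Remcos C2 above are the indicators an analyst takes away from this report. The script below is an added example (not part of the report or of any sandbox tooling) that turns them into checks: it streams a file through the same four digests the report lists, compares any digest it has against the reported values, and scans log lines for the C2 hostname, distinguishing a DNS lookup of the host from a connection to the exact host:port. The log lines in `SAMPLE_LOG` are constructed for the demo; everything else is copied from the report.

```python
"""IOC checks built from the sandbox report above.

Added example, not part of the original report. The hashes and the C2 host
are copied from the report; SAMPLE_LOG is constructed for the demo.
"""
import hashlib
import re
from typing import Dict, Iterable, List, Tuple

# Digests the report lists for the sample (lower-case hex).
REPORT_HASHES: Dict[str, str] = {
    "md5": "40c5609d0196211eae06a33b3bae5ec8",
    "sha1": "a97cc0116b12526e68bdc1b7846810977abf6241",
    "sha256": "5adf963b1c92ba79a5003d87943b4cb6c8a72fb9db63d8922c43f6631ad27995",
    "sha512": "379281e99a5260d17891d9507101d39b3ee1e22c7924fbdb7120bb5af42c690"
              "63912a5f114ec258be9dbe41e4d6961098d113e5b3f06c89b9698fec764a68124",
}

# Extracted Remcos C2 from the report, split into host and port.
C2_HOST = "wedsazxcvfghyuiokjhbnvfcdsaweyplmhbvrtud.ydns.eu"
C2_PORT = 1996


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists, as lower-case hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file through all four hashes in one pass (no full read into memory)."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_report(digests: Dict[str, str]) -> List[str]:
    """Return the names of every supplied digest that matches the reported sample.

    A single matching digest is a hit (an analyst rarely has all four), and the
    comparison is case-insensitive because tools disagree on hex case.
    """
    return [name for name, value in digests.items()
            if REPORT_HASHES.get(name.lower()) == value.lower()]


def c2_hits(lines: Iterable[str]) -> List[Tuple[str, str]]:
    """Return (line, kind) for every log line that references the extracted C2.

    kind is "endpoint" when the exact host:port appears and "host" when only
    the hostname does (a DNS query, or the operator moved to another port).
    The hostname is matched rather than an IP because dynamic-DNS names like
    this one can re-point at will.
    """
    host = C2_HOST.lower()
    endpoint = re.compile(re.escape(host) + r"[: ]" + str(C2_PORT) + r"\b")
    hits = []
    for line in lines:
        low = line.lower()
        if host not in low:
            continue
        hits.append((line, "endpoint" if endpoint.search(low) else "host"))
    return hits


# Constructed sample log lines (not from the report): one DNS query, one proxy
# CONNECT to the reported port, one unrelated connection.
SAMPLE_LOG = [
    "2021-01-18T10:02:11Z dns query A wedsazxcvfghyuiokjhbnvfcdsaweyplmhbvrtud.ydns.eu from 10.0.0.12",
    "2021-01-18T10:02:12Z proxy CONNECT wedsazxcvfghyuiokjhbnvfcdsaweyplmhbvrtud.ydns.eu:1996 from 10.0.0.12",
    "2021-01-18T10:02:13Z proxy CONNECT update.example.com:443 from 10.0.0.12",
]

if __name__ == "__main__":
    for line, kind in c2_hits(SAMPLE_LOG):
        print(f"[{kind}] {line}")
    print(matches_report(hash_bytes(b"")))          # [] : empty input is not the sample
    print(matches_report({"SHA256": REPORT_HASHES["sha256"].upper()}))  # ['SHA256']
```

`hash_file` is what you point at a quarantined file; `matches_report` accepts whatever subset of digests another tool gave you. A hostname match alone is worth escalating: the port in the extracted config is a snapshot, and Remcos operators can rotate it without changing the dynamic-DNS name.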
Targets
Target: SecuriteInfo.com.Trojan.GenericKD.36151210.5662.13366
Score: 10/10
Signatures:
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext
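The first three signatures above are visible in ordinary endpoint telemetry; the last two (NtSetInformationThreadHideFromDebugger, an anti-debugging thread flag, and SetThreadContext, commonly used to redirect a thread into injected code) are user-mode API calls that a sandbox sees through its API hooks but that Sysmon does not record as events. The script below is an added example (not from the report or any vendor) that maps the three observable signatures onto a Sysmon-style event stream: it remembers files written during the session (FileCreate, ID 11) and flags a ProcessCreate (ID 1) or ImageLoad (ID 7) of one of those files, plus any RegistryEvent SetValue (ID 13) under a Run key. The events in `EVENTS`, including every path and value name, are constructed and hypothetical.

```python
"""Triage a Sysmon-style event stream for the report's behavioural signatures.

Added example, not part of the original report. EVENTS is constructed sample
telemetry; the dropped-file paths and the Run value name are hypothetical.
"""
import re
from typing import Dict, List, Tuple

Event = Dict[str, str]

# HKCU/HKLM Run, RunOnce and RunOnceEx, including the Wow6432Node view.
RUN_KEY = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\"
    r"(?:RunOnceEx|RunOnce|Run)\\",
    re.IGNORECASE,
)

ORIG = r"C:\Users\victim\Downloads\SecuriteInfo.com.Trojan.GenericKD.36151210.5662.13366.exe"
DROPPED_EXE = r"C:\Users\victim\AppData\Local\Temp\dropped.exe"      # hypothetical
DROPPED_DLL = r"C:\Users\victim\AppData\Local\Temp\helper.dll"       # hypothetical
HKU = r"HKU\S-1-5-21-1004336348-1177238915-682003330-1001"            # constructed SID

# Constructed, chronologically ordered sample events (Sysmon field names
# shortened): the sample drops an EXE and a DLL, runs the EXE, which loads the
# DLL and registers itself under Run; notepad is the benign control.
EVENTS: List[Event] = [
    {"id": "1", "image": ORIG, "parent": r"C:\Windows\explorer.exe"},
    {"id": "11", "image": ORIG, "target": DROPPED_EXE},
    {"id": "11", "image": ORIG, "target": DROPPED_DLL},
    {"id": "1", "image": DROPPED_EXE, "parent": ORIG},
    {"id": "7", "image": DROPPED_EXE, "loaded": DROPPED_DLL},
    {"id": "13", "image": DROPPED_EXE,
     "target": HKU + r"\Software\Microsoft\Windows\CurrentVersion\Run\updater",
     "details": DROPPED_EXE},
    {"id": "1", "image": r"C:\Windows\System32\notepad.exe", "parent": r"C:\Windows\explorer.exe"},
    {"id": "13", "image": r"C:\Windows\System32\notepad.exe",
     "target": HKU + r"\Software\Microsoft\Notepad\iWindowPosX",
     "details": "DWORD (0x00000010)"},
]


def triage(events: List[Event]) -> List[Tuple[str, str]]:
    """Return (signature, evidence) pairs in the order they are observed.

    Files are keyed by lower-cased path because Windows paths are
    case-insensitive and different event sources disagree on case. The stream
    must be chronological: a file has to be seen created before its execution
    or load counts as "dropped".
    """
    dropped = set()
    findings: List[Tuple[str, str]] = []
    for ev in events:
        eid = ev["id"]
        if eid == "11":
            dropped.add(ev["target"].lower())
        elif eid == "1" and ev["image"].lower() in dropped:
            findings.append(("Executes dropped EXE", ev["image"]))
        elif eid == "7" and ev["loaded"].lower() in dropped:
            findings.append(("Loads dropped DLL", ev["loaded"]))
        elif eid == "13" and RUN_KEY.search(ev["target"]):
            # A Run value pointing at a file written this session is the
            # strongest form of the signature; record which case applies.
            points_at_dropped = ev.get("details", "").lower() in dropped
            evidence = ev["target"] + (" -> dropped file" if points_at_dropped else "")
            findings.append(("Adds Run key to start application", evidence))
    return findings


if __name__ == "__main__":
    for signature, evidence in triage(EVENTS):
        print(f"{signature}: {evidence}")
```

Run it over exported Sysmon events (or any source with the same fields) after normalising the field names. The two API-level signatures need a different source: the sandbox's hooks, or an EDR that records thread-context and thread-information calls; Sysmon's CreateRemoteThread (ID 8) and ProcessAccess (ID 10) events do not cover SetThreadContext itself.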