General
-
Target
Sydler_Remedies_PO-SCAN-3K4RQ4WPJ4.exe
-
Size
290KB
-
Sample
210118-tcwda2ymex
-
MD5
e8f7d121f3d4e0d641a12895c7b287ac
-
SHA1
17757b821ee9b081fcc142dcc7aff5a147de6095
-
SHA256
a2925ab4b7c0267fb273b9125b81673c84525a2e974119dd6c6f3c10ac6675f5
-
SHA512
2ff90e19afd3e9cc902c105ec861b0927b0b665c38b908f4a6f619a75f6568dfa0538900ce44699a7f2e6897d8ae6dabf7addb88b39d47f66edfadf241bdb2ed
Static task
static1
Behavioral task
behavioral1
Sample
Sydler_Remedies_PO-SCAN-3K4RQ4WPJ4.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Sydler_Remedies_PO-SCAN-3K4RQ4WPJ4.exe
Resource
win10v20201028
Malware Config
Extracted
remcos
www.maneediem.com:2404
Targets
-
-
Target
Sydler_Remedies_PO-SCAN-3K4RQ4WPJ4.exe
-
Size
290KB
-
MD5
e8f7d121f3d4e0d641a12895c7b287ac
-
SHA1
17757b821ee9b081fcc142dcc7aff5a147de6095
-
SHA256
a2925ab4b7c0267fb273b9125b81673c84525a2e974119dd6c6f3c10ac6675f5
-
SHA512
2ff90e19afd3e9cc902c105ec861b0927b0b665c38b908f4a6f619a75f6568dfa0538900ce44699a7f2e6897d8ae6dabf7addb88b39d47f66edfadf241bdb2ed
Score10/10-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-