General
Target: 4d7715c57054b475521b9528f50d5585.exe
Size: 1.3MB
Sample: 210118-v34apkq7e6
MD5: 4d7715c57054b475521b9528f50d5585
SHA1: 38a843f92b5d06d522bb06b3b2c158eb45ec5f26
SHA256: f08283e69eef4b48bec25a82962517ead7c998619d431b6b9eb9b227ad520e84
SHA512: 011264fdb4ad9009095ff231961d250953b4736fa5b0dd3eb2b2c50d93670d4645bf53ed26bad67aabf548388b9eea330df5fe6616d91b8a42ce9c503ad3bc84
Static task: static1
Behavioral task: behavioral1
  Sample: 4d7715c57054b475521b9528f50d5585.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: 4d7715c57054b475521b9528f50d5585.exe
  Resource: win10v20201028
Malware Config
Extracted
remcos
wedsazxcvfghyuiokjhbnvfcdsaweyplmhbvrtud.ydns.eu:1996
Targets
Target: 4d7715c57054b475521b9528f50d5585.exe
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext