General
Target: a609c68b93e5d6a6c73108744c1288fb.exe
Size: 1.3MB
Sample: 210119-ngf6s6tm86
MD5: a609c68b93e5d6a6c73108744c1288fb
SHA1: 3a28c194896fcd7281342d5d15c7b9c4c903b8fa
SHA256: e7b8c782d225ac304d03ac431fe7665f365612d7230e6ec703c85682b52d3acf
SHA512: eaed74930ecf17d7a20ad81c424e17644724b52abf630882e5f654863afdbe8d3a68f5718b431005de3f9162071f1005c5d7727e00dc821d34dcb98a8f58cdac
Static task: static1
Behavioral task: behavioral1
Sample: a609c68b93e5d6a6c73108744c1288fb.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: a609c68b93e5d6a6c73108744c1288fb.exe
Resource: win10v20201028
Malware Config
Extracted
remcos
wedsazxcvfghyuiokjhbnvfcdsaweyplmhbvrtud.ydns.eu:1996
Targets
Target: a609c68b93e5d6a6c73108744c1288fb.exe
Size: 1.3MB
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext