General
-
Target
QUOTATION 19 01 2021.exe
-
Size
862KB
-
Sample
210119-v87jgbxvj2
-
MD5
1ae02a184e418f3791bdf8c969fcbf99
-
SHA1
15714713cf688f8d1b70a35915beeba2c4525f49
-
SHA256
dfd3c33bf7be405cea03a045f3df2d9ff35f04c7da918eb916b6f224a58eea1f
-
SHA512
ab597ddd54faee1a91f16801297363f99881d3d6a7d72bd4259b504644393dcac43467daff7ef97de987308dedfa13b0a68c399fd0849d2e9dabf350930a1968
Static task
static1
Behavioral task
behavioral1
Sample
QUOTATION 19 01 2021.exe
Resource
win7v20201028
Malware Config
Extracted
remcos
87.237.165.162:1011
Targets
-
-
Target
QUOTATION 19 01 2021.exe
-
Size
862KB
-
MD5
1ae02a184e418f3791bdf8c969fcbf99
-
SHA1
15714713cf688f8d1b70a35915beeba2c4525f49
-
SHA256
dfd3c33bf7be405cea03a045f3df2d9ff35f04c7da918eb916b6f224a58eea1f
-
SHA512
ab597ddd54faee1a91f16801297363f99881d3d6a7d72bd4259b504644393dcac43467daff7ef97de987308dedfa13b0a68c399fd0849d2e9dabf350930a1968
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-