General
Target: Bestel #7507,pdf.exe
Size: 1.5MB
Sample: 210120-rljpbmw53s
MD5: a7d0fadab38ba5b3f1dbe288b2c79151
SHA1: ef2d4d3192334ed86f275704daf6d848b5ab95b0
SHA256: fe434d231d4c25398526a8426f47c625c0bdb41c3d11d0787445dcc3192e9eb3
SHA512: c95bed218e208addb5e8af6dd7e12255da80231fbe7107ef24d52fca61357429b388c7b537d463bb13af71747d11177e7cfb153b3d1650cdab1d8815cd0734af
Static task: static1
Behavioral task: behavioral1
Sample: Bestel #7507,pdf.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
movement2020.ddns.net:6735
Targets
Target: Bestel #7507,pdf.exe
Drops startup file
Suspicious use of SetThreadContext