General
Target: Bestel #7507,pdf.exe
Size: 1.5MB
Sample: 210120-xvgvk4z35n
MD5: 3775fc88df2403490658c20413877cbb
SHA1: 2d7370b167e45a3f4688bc17aaae3f99b8ed7e17
SHA256: d03f2261f7184a90148092352ba0ba94efd9ec48a41a7b15510ff95d7c95a762
SHA512: 8b05ecb651e8ca195713e03d10935d988f59f26ae551af6ebaf04687f855dca38d615f6219b83414e8d61cccb2884f99370e3d69dcc8f5a1a00527bbc79206d7
Static task: static1
Behavioral task: behavioral1
Sample: Bestel #7507,pdf.exe
Resource: win7v20201028
Malware Config
Extracted
remcos
movement2020.ddns.net:6735
Targets
Target
Bestel #7507,pdf.exe
Drops startup file
Suspicious use of SetThreadContext