General
Target: Payment_Reminder_UnPaid_PDF.exe
Size: 752KB
Sample: 210220-b514g72f52
MD5: ceee22cc2421bc32bbbc8c9b57f67b20
SHA1: ab1fce0e0b643e5423fb64549c6587105c806974
SHA256: 5ee204e73d774718f344f40f2345b6eb443ed2da6196aef5cc66e7691f069849
SHA512: 2dbf18cd9a7e65a26456bad495b45835238890fbbaf417b804f33c2e0123014ddd547c89fceb1e18453db6c8a9088c0ac66794e4917a0609958308855f7b99f9
Static task: static1
Behavioral task: behavioral1
Sample: Payment_Reminder_UnPaid_PDF.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Payment_Reminder_UnPaid_PDF.exe
Resource: win10v20201028
Malware Config
Extracted
raccoon
1810c21452ee0c66739f7a8c548d8faa49e671aa
url4cnc: https://telete.in/h_electricryptors_1
Targets
Target: Payment_Reminder_UnPaid_PDF.exe
Suspicious use of SetThreadContext