General
Target: Scan_Documents-001HD4847DHD346G.rar
Size: 309KB
Sample: 210413-jt58xg2pmx
MD5: b82d6cd9096026375c0e930ba11d760f
SHA1: 22588876117b44b97d91e565a11f762e57b4349c
SHA256: 5968501b6456f12a9f36071f5e663bc48214007b9ff78601cb3e5585b8df29e9
SHA512: 1194b8d7c1594f3a7f1aa7103d3f5cf2635f6b24a4365848824284558fe2c9ed697d22b24f3d2579ba923655534176a311b416267d7662b87b1f80c78ce5880f
Static task: static1
Behavioral task: behavioral1
Sample: Scan_Documents-001HD4847DHD346G.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: Scan_Documents-001HD4847DHD346G.exe
Resource: win10v20210410
Malware Config
Extracted
remcos
www.swqrn.com:16108
Targets
Target: Scan_Documents-001HD4847DHD346G.exe
Size: 838KB
MD5: 303c5d6aa71eede673d90225146fba07
SHA1: 61e24b0ec1a6933259565c21788e0ccbacd4c630
SHA256: 6018d6795b86aef8d39205698ca166c8c5d413d06a8a1fa346741bd56ff0e307
SHA512: bc584d8b598bf59e4ec1a3b494556df46730fdf31175ac6fdfd4fe8c72781e539d9d082998d7df0b292a3c4212ab16a46a4e734a28b2d0291a016e3bdebd728a
Score: 10/10
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Suspicious use of SetThreadContext