General
-
Target
Urgente RFQ_AP65425652_032421,pdf.exe
-
Size
780KB
-
Sample
210414-adtzsy99r6
-
MD5
d52e2a012af5c07a04750f9afd837f6b
-
SHA1
fd110cd83cd65e3499ea75d41b259303fdb2200c
-
SHA256
40c24c9db30fb9576c068e8ba344a31de97ed75448354c910f40a7ad38ab5850
-
SHA512
cbebd2bcee2c9d21f3c82d2fa662a1ddd56a36e09df93ac1301fb785f384a5728686e29f62b459ff2fa14ee3681468776a1c202738050844ae024526492e71ab
Static task
static1
Behavioral task
behavioral1
Sample
Urgente RFQ_AP65425652_032421,pdf.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
Urgente RFQ_AP65425652_032421,pdf.exe
Resource
win10v20210410
Malware Config
Extracted
remcos
goddywin.freedynamicdns.net:6712
Targets
-
-
Target
Urgente RFQ_AP65425652_032421,pdf.exe
-
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-