General
-
Target
SERFINANZAEXTRACTO283816558547438357773985414.exe
-
Size
128KB
-
Sample
210419-6shx5y4ys6
-
MD5
b82490dbb12159cc752ec64995dd7348
-
SHA1
efffc1c5cb6674da0fa4ea282cb7029284a49bef
-
SHA256
ae0e4f562ecbe6754699d92948d01d4080401d92bb2778e0d2f2ca7caf787cee
-
SHA512
49823e6a327d9540bf4ca8a31e8abf598ce27a8d7fb6a12ee6f86e9d2c170877eb4c4b73ada4864d3bdf91b50673a9d7b504ba1e01f24401391d5cb4775f9218
Static task
static1
Behavioral task
behavioral1
Sample
SERFINANZAEXTRACTO283816558547438357773985414.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
SERFINANZAEXTRACTO283816558547438357773985414.exe
Resource
win10v20210408
Malware Config
Extracted
remcos
databasepropersonombrecomercialideasearchwords.services:3521
Targets
-
-
Target
SERFINANZAEXTRACTO283816558547438357773985414.exe
-
Size
128KB
-
MD5
b82490dbb12159cc752ec64995dd7348
-
SHA1
efffc1c5cb6674da0fa4ea282cb7029284a49bef
-
SHA256
ae0e4f562ecbe6754699d92948d01d4080401d92bb2778e0d2f2ca7caf787cee
-
SHA512
49823e6a327d9540bf4ca8a31e8abf598ce27a8d7fb6a12ee6f86e9d2c170877eb4c4b73ada4864d3bdf91b50673a9d7b504ba1e01f24401391d5cb4775f9218
Score10/10-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-