General
-
Target
SERFINANZAEXTRACTO728296481601298694807375214.exe
-
Size
130KB
-
Sample
210419-7g2ky1kftj
-
MD5
109b6f8dcadd3cd022666186b003e3db
-
SHA1
ef1ffdd909287a5395aa875bcd5a25510c61f3fd
-
SHA256
962166f0ef5b1d6dd3e73c03575b5de20220feabe4f13a63d6441e66d1164563
-
SHA512
45cf6a6bad6f5e56a4c07eacceb1aa7c781fb0bf67284450b74e4f14a74a653e9c7e8da1c4a12e2cfee0d74d4ce3dd5b9523837dab68ccd954c99adf08a6a715
Static task
static1
Behavioral task
behavioral1
Sample
SERFINANZAEXTRACTO728296481601298694807375214.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
SERFINANZAEXTRACTO728296481601298694807375214.exe
Resource
win10v20210410
Malware Config
Extracted
remcos
databasepropersonombrecomercialideasearchwords.services:3521
Targets
Target
SERFINANZAEXTRACTO728296481601298694807375214.exe
-
Size
130KB
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-