General
Target
SERFINANZAEXTRACTO944199837077212444587235899.exe
Size
131KB
Sample
210419-8mn2f3meya
MD5
dc118f13f61651753aec111329580d88
SHA1
b4680650bbdb95b4bb5148d299fc23df7b7b710a
SHA256
b9f87900e53b232ee34c913e7b66cc0fa420dd3af54b12ff25fcbf1c64d0d934
SHA512
17c1bede09edda68bcdf9eeb5e1386a5491a77ae35c92f4cca966ce6a8eb18c41430dee991c65a1d6deea28a5a2bba9f454c9c0f162aac83e0c1759619ecde0a
Static task
static1
Behavioral task
behavioral1
Sample
SERFINANZAEXTRACTO944199837077212444587235899.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
SERFINANZAEXTRACTO944199837077212444587235899.exe
Resource
win10v20210408
Malware Config
Extracted
remcos
databasepropersonombrecomercialideasearchwords.services:3521
Targets
Target
SERFINANZAEXTRACTO944199837077212444587235899.exe
Score
10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext