General
Target: Factura Serfinanza022880209777477966487010096.exe
Size: 135KB
Sample: 210419-cfayvp3sya
MD5: 8ee3cff17a552175cd7d2bcf92b4bc51
SHA1: e4b7f445dd5811f937d4978689f3643113a1dc2f
SHA256: 7db8c02cc05e287e3d0219807e5e505b44f19180fa6401bc47107e92f36dd3ff
SHA512: 8a54cee30ce735b08880165be18272f318d6c44c741fa89eee61ef05922ccbcb7f233aa74c9c576a54d5c607a36b74190b8c5c1f794aeb8681bea06caa37357d
Static task: static1
Behavioral task: behavioral1
Sample: Factura Serfinanza022880209777477966487010096.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: Factura Serfinanza022880209777477966487010096.exe
Resource: win10v20210408
Malware Config
Extracted
remcos
databasepropersonombrecomercialideasearchwords.services:3521
Targets
Target: Factura Serfinanza022880209777477966487010096.exe
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext