General
Target: NEW PURCHASE ORDER LISTED ITEMS.rar
Size: 458KB
Sample: 210420-5fgc4tbf9x
MD5: 4736e19835fac923db7a0d52c2988edd
SHA1: 6892fe1747a9ba18afdc31c74b1afbed0ac0b684
SHA256: 9c46d85d692df86280e483d3d3814b0d46f14e9469df7f4f0e53253a1e8f8e98
SHA512: 2aaf4e00a7b4018fd83f6bd1e4522bae1b08e19a986e739c9d94b55b063e48e2edb53dbea06cf40dccd61f77c49d57cf3d23484b5c8602c8bc1734e4e6edfdf3
Static task: static1
Behavioral task: behavioral1
Sample: NEW PURCHASE ORDER LISTED ITEMS.exe
Resource: win7v20210408
Malware Config
Extracted
remcos
79.134.225.49:1953
Targets
Target: NEW PURCHASE ORDER LISTED ITEMS.exe
Size: 645KB
MD5: 5e8ff1a9ec1192bae73ec97729e46d63
SHA1: 2efd06ad72483238327a9570043159d0ab9ece34
SHA256: 15acacbd5c928108c9db5e319f23e493f45c3a0c8e8b979f7e760675f916ae2b
SHA512: a083c78f12bb5d40c9141d12781d3bf013347d0345307df1d6533753b40dac5f26e8e75610bc5b84821525670af42cc4a2736ba868359548290985593453e146
Uses the VBS compiler for execution
Suspicious use of SetThreadContext