General
-
Target
Appraisa.vbs
-
Size
662B
-
Sample
210421-31rq23ykae
-
MD5
2e95d045ff86903502b52f5fd0976aad
-
SHA1
c74e479ff249f1e8c248b8a67e318a61b1f1d5e4
-
SHA256
dae93e987a854255ff55ce9f62729f17f57d3f8a56933a57cb8de89b698e81f0
-
SHA512
0427fa613d91d41c98dfb7d9a964c74857813959f427eb060a1a39c2cf289235aaa0aec6015cea8d7bd16da1e14bae3ba88c998780d33ea6faf9d0b8102264df
Static task
static1
Behavioral task
behavioral1
Sample
Appraisa.vbs
Resource
win7v20210408
Malware Config
Extracted
remcos
194.5.97.183:8888
Targets
-
-
Target
Appraisa.vbs
-
Size
662B
-
MD5
2e95d045ff86903502b52f5fd0976aad
-
SHA1
c74e479ff249f1e8c248b8a67e318a61b1f1d5e4
-
SHA256
dae93e987a854255ff55ce9f62729f17f57d3f8a56933a57cb8de89b698e81f0
-
SHA512
0427fa613d91d41c98dfb7d9a964c74857813959f427eb060a1a39c2cf289235aaa0aec6015cea8d7bd16da1e14bae3ba88c998780d33ea6faf9d0b8102264df
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-