General
-
Target
Property.hta
-
Size
892B
-
Sample
210421-zrcbpgym8n
-
MD5
aa6ce10d162230b25a61485b825e63f7
-
SHA1
3c67a18949e8ce67895f3faecd1ad0700afcb676
-
SHA256
59d9dea1d62242b9bef74b91343ed8ef56525dfd9d0a9014494f487a15686fc0
-
SHA512
5f4d58f15b5020fb0506ce52b09737ba7beb0743a1bc1b77086ec16875f30e3114e84ae3f8a18b19755634ec124cb5254da2d24901317ab98591b20750c9de45
Static task
static1
Behavioral task
behavioral1
Sample
Property.hta
Resource
win7v20210408
Malware Config
Extracted
remcos
194.5.97.183:8888
Targets
-
-
Target
Property.hta
-
Size
892B
-
MD5
aa6ce10d162230b25a61485b825e63f7
-
SHA1
3c67a18949e8ce67895f3faecd1ad0700afcb676
-
SHA256
59d9dea1d62242b9bef74b91343ed8ef56525dfd9d0a9014494f487a15686fc0
-
SHA512
5f4d58f15b5020fb0506ce52b09737ba7beb0743a1bc1b77086ec16875f30e3114e84ae3f8a18b19755634ec124cb5254da2d24901317ab98591b20750c9de45
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-