General
Target
cc3726779f54ba22b88d7a0e30e7e9cd.exe
Size
1.0MB
Sample
210422-wdgqka8xgj
MD5
cc3726779f54ba22b88d7a0e30e7e9cd
SHA1
7a8035eea04ffc3e5bd85deefcc6fe6c632331dd
SHA256
980b7e35e43b7589eb7dec6571e43fb6d3589c17559ac14d80115f6b575fc60a
SHA512
aaf8c8619ff8cb101b0175fe08c0169c809450e430d45bfcbf443424faf0aeec8743d339ed6f05151bf34943b7565196341321e378a2b353cb840d02c5e9d6fc
Static task
static1
Behavioral task
behavioral1
Sample
cc3726779f54ba22b88d7a0e30e7e9cd.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
cc3726779f54ba22b88d7a0e30e7e9cd.exe
Resource
win10v20210408
Malware Config
Extracted
remcos
fieldsdegreenf.duckdns.org:6553
aaeeerbbbeee.duckdns.org:6553
Targets
Target
cc3726779f54ba22b88d7a0e30e7e9cd.exe
Score
10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext