General
-
Target
Appraisal.vbs
-
Size
713B
-
Sample
210425-3zc1qeze8j
-
MD5
374872083b769268ef5be044031e72cf
-
SHA1
ccb15dd8642387523121e8c67bb8fa41b2b2f966
-
SHA256
5f06da67169389577ec237bfb0c3e0e9203833048f48081deed7b6201ad18c27
-
SHA512
5b97e908e39d61decb10a0b2bdf9d94043d899b86052fcedd598d87a7a610d977b526c5176c91b7bdecacb1a1eb3f39ce3bab9547c253e2b4e17c837dc50de58
Static task
static1
Behavioral task
behavioral1
Sample
Appraisal.vbs
Resource
win7v20210410
Malware Config
Extracted
https://ia601403.us.archive.org/17/items/all_20210425_202104/ALL.TXT
Extracted
remcos
185.19.85.168:1723
Targets
-
-
Target
Appraisal.vbs
-
Size
713B
-
MD5
374872083b769268ef5be044031e72cf
-
SHA1
ccb15dd8642387523121e8c67bb8fa41b2b2f966
-
SHA256
5f06da67169389577ec237bfb0c3e0e9203833048f48081deed7b6201ad18c27
-
SHA512
5b97e908e39d61decb10a0b2bdf9d94043d899b86052fcedd598d87a7a610d977b526c5176c91b7bdecacb1a1eb3f39ce3bab9547c253e2b4e17c837dc50de58
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-