General
Target: Factura Serfinanza089768553548090985869814228.exe
Size: 183KB
Sample: 210426-2fx7866gh2
MD5: c1b9c27c13f700813890b186b09bf55a
SHA1: a816f0a3df54453fd3dec7e91cc17d0eeb74ee81
SHA256: e4087f56d9f1aae9eb98d19654465241c4b1c52bac4d7e4c5cbea11cb3244905
SHA512: 5f03a562eccc1dce9a881c8637a3e4c56e9daeb1869392fa7b4134ec8000800962cc44cd0ef91dd03ff46053db08d767460c9008bb4dfdecc230bb4cd22737d2
Static task: static1
Behavioral task: behavioral1
Sample: Factura Serfinanza089768553548090985869814228.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: Factura Serfinanza089768553548090985869814228.exe
Resource: win10v20210410
Malware Config
Extracted
remcos
databasepropersonombrecomercialideasearchwords.services:3521
Targets
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext