Extracted

• • Target

    ORDER SHEET & SAMPLES_pdf.exe

  • Size

    1.0MB

  • MD5

    aee4b8f4f0796c4945908b4ef5aa3457

  • SHA1

    9154bf79d84c17e64290cbaa83835965da7fbed6

  • SHA256

    3c0df5607ab1e7bf906ce2be36ee0bb970c26baf19710f0c195ca9356a2d918f

  • SHA512

    3dae1280754ffb56fae642350b215354304320043555b4ac3698bd094e76e26f123203baff8be8f9f4f1544c0ba30551f5a0729d9c1b0b04e11ad7f0e5d45279

  Score

  10^/10

  remcosagilenetrat

  • Remcos

    Remcos is a closed-source remote control and surveillance software.

    ratremcos

  • Executes dropped EXE

  • Loads dropped DLL

  • Obfuscated with Agile.Net obfuscator

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet

  • Suspicious use of SetThreadContext

  behavioral1behavioral2