General
-
Target
EXTRACTOSERFINANZA149952705997730013733597462.exe
-
Size
175KB
-
Sample
210426-7ghnhgd4ze
-
MD5
7949066c49b82ebce27756a69ee28fee
-
SHA1
20fee757b2258d7a7ed27f1c147753082dbc8548
-
SHA256
dcda7574d5ca6cdca0ee9336b33ef4e63b1a33c96cc1787aa1e42d8a8534c490
-
SHA512
9ca2c9786e2597fa6b318fa6bd28a6a88af251956d80aeb0c039022e70a07a6f9fd4da568daab3c042d1caad6248c80a315b09595aa9ef1102367eb4f23a41d0
Static task
static1
Behavioral task
behavioral1
Sample
EXTRACTOSERFINANZA149952705997730013733597462.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
EXTRACTOSERFINANZA149952705997730013733597462.exe
Resource
win10v20210408
Malware Config
Extracted
remcos
databasepropersonombrecomercialideasearchwords.services:3521
Targets
Target
EXTRACTOSERFINANZA149952705997730013733597462.exe
-
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-