General

Target: OverdriveNTool_0.2.9 (84).zip
Size: 2.2MB
Sample: 210426-8pzffmfdba
MD5: 1f4251f09aec1920ac72bb37967ebcae
SHA1: e01f7025a3323df7d68adf49782fc01632075187
SHA256: aba85e8ab8882d34a14f58f6b2ca9bdfb6749b72c0277788271f7f7b8d7a1e25
SHA512: e6994f56d2a0eddf0c5ca803edd3380049bb0cacafa47f987cfbf4b5a24cedc09dc2df44c15e0ae656dad32ea826b60c01544405a23140978adeadb0ba987bd6
Static task: static1
Behavioral task: behavioral1
Sample: OverdriveNTool_0.2.9/OverdriveNTool.exe
Resource: win7v20210408

Malware Config

Extracted family: remcos
C2 host:port: 37.1.206.16:7373
Targets

Target: OverdriveNTool_0.2.9/OverdriveNTool.exe
Size: 2.9MB
MD5: b64dbdbb60d0edab5bf3608d9973d7b5
SHA1: 470ec316274648567965ac7912cb8fbfc5763c47
SHA256: 731f26f74722af06e463904102705bc856f20852faecb08b5fda6b7bc0e5539c
SHA512: 2d21e148db3e5a60075609ca0b4e5cabba7bf15299ed49ebe81f73844440090f8d935e919e2e7368927890b4d51514518bf9467ab01a1db0a3bbae50153719a9

Signatures (behavioral1):
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Suspicious use of SetThreadContext

Taken together, these signatures describe a dropper that writes and launches a payload, persists through a startup entry, and manipulates another thread's context; SetThreadContext on a foreign thread is the call commonly used for process hollowing and similar injection, which is why the sandbox flags it. The report itself does not name the injected target or the persistence path, so those details should be confirmed from the behavioral trace rather than assumed.
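An IOC sweep built from the indicators in this report, added here as an example (it is not the sandbox's or the report author's code). It streams files through all four hash algorithms and compares them with the two sample hashes above, and it scans connection-log lines for the extracted Remcos C2 endpoint. The log line format and the sample lines are constructed for this example and are assumptions, not output from the report.

```python
"""IOC sweep from the sandbox report: file hashes + Remcos C2 endpoint.

Added example for this page; not tooling from the sandbox or the report.
The connection-log format and SAMPLE_LOG below are constructed/hypothetical.
"""
import hashlib
import re

# Indicators copied from the report (lower-case hex).
IOC_HASHES = {
    "OverdriveNTool_0.2.9 (84).zip": {
        "md5": "1f4251f09aec1920ac72bb37967ebcae",
        "sha1": "e01f7025a3323df7d68adf49782fc01632075187",
        "sha256": "aba85e8ab8882d34a14f58f6b2ca9bdfb6749b72c0277788271f7f7b8d7a1e25",
        "sha512": "e6994f56d2a0eddf0c5ca803edd3380049bb0cacafa47f987cfbf4b5a24cedc0"
                  "9dc2df44c15e0ae656dad32ea826b60c01544405a23140978adeadb0ba987bd6",
    },
    "OverdriveNTool_0.2.9/OverdriveNTool.exe": {
        "md5": "b64dbdbb60d0edab5bf3608d9973d7b5",
        "sha1": "470ec316274648567965ac7912cb8fbfc5763c47",
        "sha256": "731f26f74722af06e463904102705bc856f20852faecb08b5fda6b7bc0e5539c",
        "sha512": "2d21e148db3e5a60075609ca0b4e5cabba7bf15299ed49ebe81f73844440090f"
                  "8d935e919e2e7368927890b4d51514518bf9467ab01a1db0a3bbae50153719a9",
    },
}

# Remcos C2 extracted by the sandbox (host:port), from the report.
C2_HOST, C2_PORT = "37.1.206.16", 7373

ALGOS = ("md5", "sha1", "sha256", "sha512")


def hash_file(path, chunk_size=1 << 20):
    """Read the file once, in chunks, and return all four digests as hex."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(digests, iocs=IOC_HASHES):
    """Return the label of the first IOC entry that shares any digest, else None.

    Case-insensitive, so hashes pasted from other reports (often upper-case)
    still match; a single algorithm hit is sufficient.
    """
    normalised = {k: v.lower() for k, v in digests.items()}
    for label, known in iocs.items():
        if any(normalised.get(algo) == value.lower() for algo, value in known.items()):
            return label
    return None


# Constructed log line format (hypothetical): <ts> <src>:<sport> -> <dst>:<dport> <proto>
CONN_LINE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>[\d.]+):(?P<sport>\d+)\s*->\s*"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<proto>\w+)"
)


def find_c2_connections(lines, host=C2_HOST, port=C2_PORT):
    """Return (timestamp, src_ip, exact_port) for each line whose destination is the C2 host.

    Any connection to the C2 host is reported; exact_port tells whether the
    destination port is the one in the extracted config, so traffic to the
    same host on another port is surfaced rather than silently dropped.
    """
    hits = []
    for line in lines:
        m = CONN_LINE.match(line.strip())
        if not m:
            continue  # skip unparseable lines instead of aborting the sweep
        if m["dst"] == host:
            hits.append((m["ts"], m["src"], int(m["dport"]) == port))
    return hits


SAMPLE_LOG = [  # constructed for this example, not from the report
    "2021-04-26T10:02:11Z 192.168.1.20:49832 -> 37.1.206.16:7373 tcp",
    "2021-04-26T10:02:12Z 192.168.1.20:49833 -> 93.184.216.34:443 tcp",
    "2021-04-26T10:03:40Z 192.168.1.31:51002 -> 37.1.206.16:7373 tcp",
    "2021-04-26T10:03:41Z 192.168.1.31:51003 -> 37.1.206.16:80 tcp",
    "malformed line that should be skipped",
]

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        digests = hash_file(path)
        print(path, match_iocs(digests) or "no hash match", digests["sha256"])
    for ts, src, exact in find_c2_connections(SAMPLE_LOG):
        note = "" if exact else " (non-config port)"
        print(f"{ts} {src} -> Remcos C2 {C2_HOST}:{C2_PORT}{note}")
```

Run it with one or more file paths to check them against the report's hashes; the log scan over the constructed sample lines runs regardless. Hash matching alone only catches byte-identical files, so a repacked build of the same dropper needs the behavioral signatures above or network detection on the C2 endpoint.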