General
Target
PREAMBPORLITIGIGREPDF3543330006 PREAMBPORLITIGIGREPDF3543330008.exe
Size
893KB
Sample
210427-9grp6ddzhs
MD5
1b19f27f2a45dfeef263dc48354b5c61
SHA1
0e7fc23fa3745791e8863f0b478a1a9317f4437a
SHA256
4bed7aed798d98fcfa3b2bad84a3811f4c86aec3b3b201f22925c03a64ca83bf
SHA512
774e88ee1a24b78aba946e41a8259baa63ff0c3019fd9a230a1f98021a5c3b5b7f8cbb48d75bdfe5474934b53a0222c5582c8f98871e1c7fa4a9108899749c64
Static task
static1
Behavioral task
behavioral1
Sample
PREAMBPORLITIGIGREPDF3543330006 PREAMBPORLITIGIGREPDF3543330008.exe
Resource
win7v20210408
Malware Config
Extracted
remcos
yuyitosjs.duckdns.org:1717
Targets
Target
PREAMBPORLITIGIGREPDF3543330006 PREAMBPORLITIGIGREPDF3543330008.exe
Suspicious use of SetThreadContext