General
Target
Factura Serfinanza049997609832517851274630184.exe
Size
1.8MB
Sample
210503-k7pycv31gn
MD5
78ae2bb47e68026583b48b2f93c7c00d
SHA1
93c92695574540ac6f927818ea2814e614b44c9b
SHA256
cde072db2b4374550769689ef072dba357436e36d2e75c1398d24896e0deaeb1
SHA512
d1aef3116b1949ea566f4d75cf12b97d29aba6f52a9714688414be8d7e064a0d4e4f099f1527293051a7c13ffa4117273ede055a2d9ce40decc9aa88b75577dc
Static task
static1
Behavioral task
behavioral1
Sample
Factura Serfinanza049997609832517851274630184.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
Factura Serfinanza049997609832517851274630184.exe
Resource
win10v20210408
Malware Config
Extracted
remcos
databasepropersonombrecomercialideasearchwords.services:3521
Targets
Target
Factura Serfinanza049997609832517851274630184.exe
Score
10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext