General
-
Target
SecuriteInfo.com.Trojan.PackedNET.703.21955.2754
-
Size
1.7MB
-
Sample
210505-vad41kxrbe
-
MD5
99e166082b19603ff6c4cbebd2641813
-
SHA1
407f1729ca0abe94a3202789522807683dfe57aa
-
SHA256
52b98cca3167f7f97a7ae7729aeddee0b2280a18841d692697bd6dea415f3abe
-
SHA512
77a55185038a2070b0b6b72248ec199afa3fc0f2c4b5f649fe46db3647683d6ced86b3071c88719c07a77cb269fb1ffdc72fc7ac37cdcaa472c249a3fb5d7b0f
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.PackedNET.703.21955.2754.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.PackedNET.703.21955.2754.exe
Resource
win10v20210410
Malware Config
Extracted
remcos
hjduiebcvzcalpmjdbcnwqadhsiybcnzxswedgap.ydns.eu:2024
Targets
-
Target
SecuriteInfo.com.Trojan.PackedNET.703.21955.2754
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-