General
Target: 187e55965acaf3a1b7d4af227b8a97f8.exe
Size: 1.2MB
Sample: 210506-99ns4x4ecx
MD5: 187e55965acaf3a1b7d4af227b8a97f8
SHA1: c1a0f081459ba0595aa85a5c14998a853aede3f5
SHA256: 992ff2cda226636077c32a5481799a950354f4a647bc6a5266cd8b1820902621
SHA512: 5be926becd069650db79138c6ae7f279193bf17d9e319c5f365d67707a81ae32753c7284ce1a50528e91456b1b4663a59cd3661221a591408f2ec88d6c999fbb
Static task: static1
Behavioral task: behavioral1
Sample: 187e55965acaf3a1b7d4af227b8a97f8.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 187e55965acaf3a1b7d4af227b8a97f8.exe
Resource: win10v20210408
Malware Config
Extracted
remcos
wedsazxcvfghyuiokjhbnvfcdsaweyplmhbvrtud.ydns.eu:1996
Targets
Target: 187e55965acaf3a1b7d4af227b8a97f8.exe
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext