General
-
Target
Trust Duo Medicate Invoice_93838376389389363738938737633.exe
-
Size
704KB
-
Sample
210510-3yhxkvm23j
-
MD5
7119c9e0e31551124c125d714e35bd1d
-
SHA1
628a5b9fd78e6d1d64eb7132aa84c017b0a6ca42
-
SHA256
c3ce62a44812edeca97182d5f26639b222ebe684021e7a7b922a499bd32d7f95
-
SHA512
300c2520745bc8b7ce839df746e9fba002b5c2e36c7d2837647975db8389e9b4ea944ee5f7163c80d273e51d2f9e8e84559f09f018d16d457470a73801e4f085
Static task
static1
Behavioral task
behavioral1
Sample
Trust Duo Medicate Invoice_93838376389389363738938737633.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
Trust Duo Medicate Invoice_93838376389389363738938737633.exe
Resource
win10v20210408
Malware Config
Extracted
remcos
216.38.7.225:6524
Targets
-
Target
Trust Duo Medicate Invoice_93838376389389363738938737633.exe
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Adds Run key to start application
-