General
Target: TNT Receipt_AWB no#87993766478,pdf.exe
Size: 715KB
Sample: 211029-fs459shcgk
MD5: 27a9e4f59f0735c1cd5b6fec688fe6f4
SHA1: 86de7e9b35afb3726a925b1a1b7bd00c81c2f6a9
SHA256: 64e7a4dbad57f1c217a17ad6214d29230ac8ba813d001fdaa35f17fd83f62cf3
SHA512: 1bfc5666172ce59267c58d70347060f5b696dc7414bd1b7efc20f8a544da7c671e9943c3e364ddebdbd734e0de14743f5c5244691d7306973486596376bf75e1
Static task: static1
Behavioral task: behavioral1
Sample: TNT Receipt_AWB no#87993766478,pdf.exe
Resource: win7-en-20210920
Malware Config
Targets
Target: TNT Receipt_AWB no#87993766478,pdf.exe
suricata: ET MALWARE Remocs 3.x Unencrypted Checkin
-
suricata: ET MALWARE Remocs 3.x Unencrypted Server Response
-
Executes dropped EXE
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-