Revised_Order_Document‮fdp[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

1

Revised_Or...dp.scr

windows7-x64

Revised_Or...dp.scr

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Revised_Order_Document‮fdp.scr

Resource

win7-20230220-en

remcos remotehost rat

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

Revised_Order_Document‮fdp.scr

Resource

win10v2004-20230220-en

remcos remotehost microsoft phishing rat

windows10-2004-x64

17 signatures

150 seconds

General

Target

Revised_Order_Document‮fdp.zip
Size

1.6MB
MD5

dc000f8d7b1a5d7ac4f41a6ebf47e106
SHA1

1099300f5eb9aaf3a544b4d02b305754ffe1056c
SHA256

e5ce666cd121335782af08f14bbe122ee6cb723f4d4bafd4ec76cf6ed34f3e1a
SHA512

88dff0e9ca56750d693b9ead0db1b890d8a646ca5be43f9ad65c0ae16b2ee4f2d82f75f692b01a83bc3b6bf4676c07ebc925a8d82ca45fd73fdabbd634c70d9a
SSDEEP

49152:dG8VYw7IfiGTZvqUpeT/l5ZC0qJz7YMZgU:dRew7mpyRDnZC0KYMZt

Score

1^/10

Malware Config

Signatures

Files

Revised_Order_Document‮fdp.zip
.zip

Password: Noor_Al_Hutaib
Revised_Order_Document‮fdp.Scr
.exe windows x86

Password: Noor_Al_Hutaib

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 300.2MB - Virtual size: 300.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy