General

  • Target

    NEAS.eb5c869423632f5d3fe31cbbe85bfdbcbin_JC.zip

  • Size

    215KB

  • MD5

    43d7499d8207ce1701ddf049fb034c49

  • SHA1

    db0cc8d9192ffebd9839ef937834afa659123d21

  • SHA256

    448a7859f333f947c36aa0141e723226041e1aa24dd33a9fc844b34c364d847d

  • SHA512

    b93c95b811e74f1674989d8b6c530b9a0c7d25a2f1afa615f8801ff6a6296cb6aeed8bc90c402ed9f5508fa539cbf22905beacc6aba83071b7e55bde979646d8

  • SSDEEP

    3072:p1KBr8hYqHOtS2S8l4GimA5EKKGtU4QtHz2oBkb8shf5MPJOZM1k4JeV6xQlI3jE:QNNxV6omRhhF42VEnWa+6Or2/E4e

Score
10/10

Malware Config

Signatures

  • Remcos family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • NEAS.eb5c869423632f5d3fe31cbbe85bfdbcbin_JC.zip
    .zip

    Password: infected

  • 46578af72eee4fa34a150d0f9409041fcdad17a061e77f1017640ef7373a6da6.exe
    .exe windows:5 windows x86



  • out.upx
    .exe windows:5 windows x86

