General
Target: ca6d1749f9645475aa7ab0ca268e31ba00817a8c70467c4d6d88bb2ca54d596d
Size: 335KB
Sample: 200629-1g6xsg1v16
MD5: a6be592fb62d3e95befa3d40fe603f10
SHA1: e2531f4fac0b8fcfdf87ab86b5d73a18229416c2
SHA256: ca6d1749f9645475aa7ab0ca268e31ba00817a8c70467c4d6d88bb2ca54d596d
SHA512: 5428156b60a289d7c8009ebeb715d863f9bbd015ae834a4f213570595ca47cb4efb7ca0d16a317e7bb9cfc9123e416970064cf628f31c39ccc714181cb3893b8
Static task: static1
Behavioral task: behavioral1
  Sample: ca6d1749f9645475aa7ab0ca268e31ba00817a8c70467c4d6d88bb2ca54d596d.exe
  Resource: win7
Behavioral task: behavioral2
  Sample: ca6d1749f9645475aa7ab0ca268e31ba00817a8c70467c4d6d88bb2ca54d596d.exe
  Resource: win10v200430
Malware Config
Extracted
remcos
youngboss1994.ddns.net:1965
Targets
Uses the VBS compiler for execution
Suspicious use of SetThreadContext