Verdict: Malicious

Classifications: Injector, Backdoor

Threat Names: Remcos, Mal/HTMLGen-A

Dynamic Analysis Report

Created on 2023-12-04T21:38:32+00:00

RFQ_PO_december_order_sheet_design_and_ specification_04_12_2023.vbs

VBScript

Remarks (1/1)

(0x0200000E): The overall sleep time of all monitored processes was truncated from "6 minutes, 25 seconds" to "30 seconds" to reveal dormant functionality.

Remarks

(0x0200005D): 119 additional dumps with the reason "Content Changed" and a total of 680 MB were skipped because the respective maximum limit was reached.

(0x0200004A): 4 dump(s) were skipped because they exceeded the maximum dump size of 16 MB. The largest one was 407 MB.

File Name: C:\Users\KEECFM~1\Desktop\RFQ_PO_december_order_sheet_design_and_ specification_04_12_2023.vbs
Category: Sample File
Type: Text
Verdict: Malicious
Also Known As: C:\Users\kEecfMwgj\Desktop\RFQ_PO_december_order_sheet_design_and_ specification_04_12_2023.vbs (VM File, Sample File)
MIME Type: text/x-vbscript
File Size: 27.60 KB
MD5: d233a9e8e5401ee8959b66731313d30f
SHA1: 40d2865c8832d02ba3859ec8fce1f04eb7d11c03
SHA256: 7561a5c626310483b34f53a89626636902f32337022230e27c1b26277d87e189
SSDeep: 768:o1lFJLItit1yrYnXS2sUzN+FYAFBp7UAI3Jzz:ubJL8it1yrw3sON+FYNAIFz
ImpHash: -

File Name: C:\Users\kEecfMwgj\AppData\Roaming\Afgraveex.Kna
Category: Downloaded File
Type: Text
Verdict: Suspicious
MIME Type: text/plain
File Size: 353.40 KB
MD5: b9ff92918d569a906d3219c2c5540e3d
SHA1: 060f6cf5521d8f36deae5de4eb9f97f6eaf7cc95
SHA256: ca0213339fa254021448b132a403a5a08dcd9cc852eb83a225d5450773dffaca
SSDeep: 6144:Kysyrm91pp6/+mfVkHCEPcKyA3Wom0tHUYtGwvTUS5V83h2tskSVSs4g:Ky4H6/aHPcTA3VtHUYvTjsgtsTcm
ImpHash: -

File Name: c:\programdata\microsoft\network\downloader\qmgr1.dat
Category: Dropped File
Type: Stream
Verdict: Clean
MIME Type: application/octet-stream
File Size: 4.00 MB
MD5: 3e91ebbf2283e6ed9df12f56f9b8c75a
SHA1: aaa5566d39516252257e0bc3b15b5c4142779514
SHA256: 5bcc3f02a287e43ff2ad9c8da1aeffacd2c8c793415d2e5d6f3964e1b7f2fb7c
SSDeep: 48:ji3/RXC2ESHF8nR4nSn08l3tyi3qKHv7y+9:jiZXJFKjEpk
ImpHash: -

File Name: 1a26776d0f286f3db1b0afe22e63dffb917c48a03460fef6fbb10c46c8b14ce3
Category: Downloaded File
Type: Stream
Verdict: Clean
MIME Type: application/octet-stream
File Size: 483.06 KB
MD5: 087081a524984752d8d3d7ca0e57e8b6
SHA1: 0f63e0afdd4f8ef6570ad0e04249ee2370b36775
SHA256: 1a26776d0f286f3db1b0afe22e63dffb917c48a03460fef6fbb10c46c8b14ce3
SSDeep: 12288:vVZcoG8Cst9oPr5hvU6ypsAdsgoDTE38NQq5wpI5nR7s2m:vIoGDst9A5hvByp3dokjpKJTm
ImpHash: -

File Name: c:\users\keecfmwgj\appdata\roaming\microsoft\windows\ietldcache\index.dat
Category: Modified File
Type: Stream
Verdict: Clean
MIME Type: application/octet-stream
File Size: 256.00 KB
MD5: 54e4a29736de29ffb6be2338168ff79c
SHA1: 7cfae7e47d10bbfd9a4431b65ec0ca90b4940fd5
SHA256: 3c7d38aff2dd9e697cd3cc6c0a5d338ff2d0bdb948fb469cd21c76d8c36e53ee
SSDeep: 384:p8JEJHNKTPA5ytRaGg1geH6UkLkW5w+oWvucCwvfoJobuWXKbkwnII5pwjIuuQKo:pTHvTNsJdjFQKb/wWcaqvngyfMwL+
ImpHash: -

File Name: C:\Users\kEecfMwgj\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
Category: Modified File
Type: Stream
Verdict: Clean
MIME Type: application/octet-stream
File Size: 13.50 KB
MD5: 6db27aa7fa8e492c0f622640e2c8c5f6
SHA1: e555215b7b760a333d4f61c58196a94ea6bcd930
SHA256: fa505b91b47b30f58538a7c25f55f0b8fd19ceeadc63010b7e2691003f203593
SSDeep: 384:wSa5q/4HWrxcVoGIpN6KQkj2ZUpEA4kjh4iUx6:1a5q/4HWrxcV3IpNBQkj2ZUpEAhh4iUA
ImpHash: -

File Name: C:\Users\kEecfMwgj\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
Category: Modified File
Type: Stream
Verdict: Clean
MIME Type: application/octet-stream
File Size: 13.50 KB
MD5: 170967cff70f10d4011b9a386879a426
SHA1: b76b5bc324402c1eefc446d30bb87f870b04296d
SHA256: 966575dd0852d7b23ba7523b8d158631fe4581af6212858e24122e9ea50cfbbc
SSDeep: 384:tSa5q/4HWrxcVoGIpN6KQkj2ZUpEA4kjh4iUx6:wa5q/4HWrxcV3IpNBQkj2ZUpEAhh4iUA
ImpHash: -