Verdict: Malicious

Classifications: Injector, Backdoor

Threat Names: Remcos, Mal/Generic-S

Remarks (1/1)

(0x0200000E): The overall sleep time of all monitored processes was truncated from "7 minutes, 15 seconds" to "30 seconds" to reveal dormant functionality.

Remarks

(0x0200004A): 3 dump(s) were skipped because they exceeded the maximum dump size of 16 MB. The largest one was 407 MB.

File Name C:\Users\kEecfMwgj\Desktop\DHL_Shipping_Invoice_Awb_0000000.vbs
Category Sample File
Type Text
Verdict Malicious
Also Known As C:\Users\KEECFM~1\Desktop\DHL_Shipping_Invoice_Awb_0000000.vbs (Accessed File)
MIME Type text/x-vbscript
File Size 12.00 KB
MD5 c97258c9b896f402718149186be9ed1d
SHA1 b92a1f667449e9938bdbb232bb1027e42b95475b
SHA256 c8752c52764d7a7a3d3e6f4a40ea66642c56ccba561144e454d04abd40877947
SSDeep 192:E57VXYUwlVwjsaDa1csT2mk8SJMxeJNJWVy0pbNSX4kNs6/WH7gnw/9oFJx2tbye:YZXlUWBQc9VAzpwsNb2wFoFJUtWhYr
ImpHash -
File Reputation Information
Verdict Malicious
Names Mal/Generic-S

File Name C:\Users\kEecfMwgj\AppData\Roaming\Bygningskonduktr.Adm
Category Downloaded File
Type Text
Verdict Clean
MIME Type text/plain
File Size 508.71 KB
MD5 a98ab61de8988f590cb619a61a0177b4
SHA1 52a7655ffd255924d19b7c24759aa33fdfcfdadd
SHA256 f107ac1527d495e76fd9dc3b09df1b1f1984dec45684ea829a9e62e5bec2c15c
SSDeep 12288:O55EBus93ZixRfS30EFakh9uy+ukBuHWtQkEbSoi9:Ks7JixRq30UX5pR2GkE+oi9
ImpHash -

File Name 30e8738bc0866ec1791e6c1058638cb9a0e00f8185e0a77d969d65f72a3dccd0
Category Downloaded File
Type Stream
Verdict Clean
MIME Type application/octet-stream
File Size 483.06 KB
MD5 326150b8e2f29afb3eafca47b0a9bf7b
SHA1 afc0894d843f8ed0b1195943df17175a50d78e80
SHA256 30e8738bc0866ec1791e6c1058638cb9a0e00f8185e0a77d969d65f72a3dccd0
SSDeep 12288:NdATsEz5skT7cHcl3to5RWSuDvlf9Wqep7eNcxe:N+TsEzC8l3CWRl0qeKaxe
ImpHash -

File Name C:\Users\kEecfMwgj\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
Category Modified File
Type Stream
Verdict Clean
MIME Type application/octet-stream
File Size 13.50 KB
MD5 170967cff70f10d4011b9a386879a426
SHA1 b76b5bc324402c1eefc446d30bb87f870b04296d
SHA256 966575dd0852d7b23ba7523b8d158631fe4581af6212858e24122e9ea50cfbbc
SSDeep 384:tSa5q/4HWrxcVoGIpN6KQkj2ZUpEA4kjh4iUx6:wa5q/4HWrxcV3IpNBQkj2ZUpEAhh4iUA
ImpHash -