General

  • Target

    remcos.exe

  • Size

    649KB

  • Sample

    200709-16x681dfk2

  • MD5

    c088802b03e3bc1ef0082f268847a5f7

  • SHA1

    28fd21058e88cd0e77cc9da119c7b7ecd582e2ac

  • SHA256

    4444f1da7f9b30eb4fb593b9492e42745332402980e118b6a0431c7d1f5670ce

  • SHA512

    6f296335284aa8337a60df52ffae7f87eb29502cea0ab050e2429ad841f79cd757a3e75a75cfb32463458d646d92ead9476c99fa4d058113be02b903b99e0d6a

Score
8/10

Targets

    • Target

      remcos.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run entry to start application

    • Legitimate hosting services abused for malware hosting/C2
