Extracted

• • Target

    Vidoe001mp4.scr signed FAT11 d.o.o

  • Size

    1.2MB

  • MD5

    0d0c318096299a617f70ea57559c4f55

  • SHA1

    8199b12cc24d416cb8835b5e3d00b92339ad9b45

  • SHA256

    73feac20d7cdbe1e10ca26b196d60d68ea0c4e652ceacf534b1c549e4e597e74

  • SHA512

    b6cfc8df9556683cf4cbef46aa208081853d4132cee94fbcd0a6d9ee2ded5d6dd5987578093eae98c595776b51104613c5bc2e6e42bb543c2c59c2eafa012751

  Score

  10^/10

  spywarebankerbotnetosirisratremcospersistence

  • Osiris

    bankerbotnetosiris

  • Remcos

    Remcos is a closed-source remote control and surveillance software.

    ratremcos

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Adds Run key to start application

    persistence

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2