remcos | dcbd91d1d7361dc9b34c907f1d1d2677837ce29f6f3ab3f4994bb82ccce88dc5 | Triage

Submit
Reports

Overview

overview

Static

static

DOCUMENTAC...28.exe

windows7_x64

DOCUMENTAC...28.exe

windows10_x64

Sharing

General

Target

DOCUMENTACIONJUXGADOPROCESAL68584983243128.exe
Size

378KB
Sample

201230-hw9a8w68ta
MD5

291b17288e1b5919f9bf5173a3519cb3
SHA1

b88282c8e5a7546dd6363653bc68d1353163d3f6
SHA256

dcbd91d1d7361dc9b34c907f1d1d2677837ce29f6f3ab3f4994bb82ccce88dc5
SHA512

5fb634203786a7401ce15f55d433b19546a640747f9482f8a906464fca58b5e5d7696a618f721f32e0d73c02a256a74335803344b646891b0943303e122eba0a

Score

10^/10

remcos rat

Static task

static1

Behavioral task

behavioral1

Sample

DOCUMENTACIONJUXGADOPROCESAL68584983243128.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DOCUMENTACIONJUXGADOPROCESAL68584983243128.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

remcos

C2

jueces23.duckdns.org:1212

Targets

- Target
  
  DOCUMENTACIONJUXGADOPROCESAL68584983243128.exe
- Size
  
  378KB
- MD5
  
  291b17288e1b5919f9bf5173a3519cb3
- SHA1
  
  b88282c8e5a7546dd6363653bc68d1353163d3f6
- SHA256
  
  dcbd91d1d7361dc9b34c907f1d1d2677837ce29f6f3ab3f4994bb82ccce88dc5
- SHA512
  
  5fb634203786a7401ce15f55d433b19546a640747f9482f8a906464fca58b5e5d7696a618f721f32e0d73c02a256a74335803344b646891b0943303e122eba0a
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy