remcos | b1f4aa9a46b55d5ade9fd65f2afb175c39be592dc5907611b9db5f86a65d91a1 | Triage

Submit
Reports

Overview

overview

Static

static

BL,IN&PL.exe

windows7_x64

BL,IN&PL.exe

windows10_x64

Sharing

General

Target

BL,IN&PL.exe
Size

641KB
Sample

210107-6y3jjwe9dn
MD5

076d06440c00ad465fe9885fe9d9a70c
SHA1

039aa4ed72df3946d683599817b79442e3273361
SHA256

b1f4aa9a46b55d5ade9fd65f2afb175c39be592dc5907611b9db5f86a65d91a1
SHA512

9feb8bbeed3c6f0d3cf2ce3950651aff42b593dfca8434ca8389fb160b6e71bfae4465fb57cef279325902df027e70f5e4a8124466e6c350620c8f83e799a495

Score

10^/10

remcos rat

Static task

static1

Behavioral task

behavioral1

Sample

BL,IN&PL.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

BL,IN&PL.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

remcos

C2

194.5.97.206:2556

Targets

- Target
  
  BL,IN&PL.exe
- Size
  
  641KB
- MD5
  
  076d06440c00ad465fe9885fe9d9a70c
- SHA1
  
  039aa4ed72df3946d683599817b79442e3273361
- SHA256
  
  b1f4aa9a46b55d5ade9fd65f2afb175c39be592dc5907611b9db5f86a65d91a1
- SHA512
  
  9feb8bbeed3c6f0d3cf2ce3950651aff42b593dfca8434ca8389fb160b6e71bfae4465fb57cef279325902df027e70f5e4a8124466e6c350620c8f83e799a495
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy