remcos | 1664c6a330c5b318458518ea71b2a9995a91c79281a050278c3aa2388663a986 | Triage

Submit
Reports

Overview

overview

Static

static

test

windows7_x64

Resubmissions

08-01-2021 14:41

210108-grp8sf6fe6 10

08-01-2021 09:51

210108-9flhx56n16 10

Sharing

General

Target

SecuriteInfo.com.generic.ml.32161
Size

72KB
Sample

210108-grp8sf6fe6
MD5

0640f43c412f8f2c3bf6e1b9139db1d0
SHA1

f07e9e5e618b14b0dd5478cb2a26f42096a10e1d
SHA256

1664c6a330c5b318458518ea71b2a9995a91c79281a050278c3aa2388663a986
SHA512

753029891e9db39d072cce14dd552ef313479ea0cff2e4c3a5591bbf045174ea474e2651c8bdbed5ca30429852f4d28a5126fe99bfcaf9aa9daec30ac46f0a05

Score

10^/10

remcos rat

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.generic.ml.32161.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.generic.ml.32161
- Size
  
  72KB
- MD5
  
  0640f43c412f8f2c3bf6e1b9139db1d0
- SHA1
  
  f07e9e5e618b14b0dd5478cb2a26f42096a10e1d
- SHA256
  
  1664c6a330c5b318458518ea71b2a9995a91c79281a050278c3aa2388663a986
- SHA512
  
  753029891e9db39d072cce14dd552ef313479ea0cff2e4c3a5591bbf045174ea474e2651c8bdbed5ca30429852f4d28a5126fe99bfcaf9aa9daec30ac46f0a05
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy