Overview

overview

10

Static

static

10

New inquir...30.exe

windows7_x64

10

New inquir...30.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    New inquiry CON 20-10630.exe

  • Size

    1.0MB

  • Sample

    210111-pq68v86xva

  • MD5

    81b6d0ccb04d637c5d3531c5db05581e

  • SHA1

    9d91a6242122b0777fa838a8317fc967fb306caa

  • SHA256

    82d86565a1d25c4d51dd3c61b58594769bbdacc7e56baf2d5441f4f8dc36b225

  • SHA512

    eee5f074947c43bdc57fe6a8a286aa5c9732af659babf0e35f3e3f29345b071a0648acb10460b10a0f6a1d4d7e0d8d4d2e9056ae2bef4ef1a7e127aa10ad8810

Score
10/10
modiloaderremcospersistencerat

Malware Config

Targets

    • Target

      New inquiry CON 20-10630.exe

    • Size

      1.0MB

    • MD5

      81b6d0ccb04d637c5d3531c5db05581e

    • SHA1

      9d91a6242122b0777fa838a8317fc967fb306caa

    • SHA256

      82d86565a1d25c4d51dd3c61b58594769bbdacc7e56baf2d5441f4f8dc36b225

    • SHA512

      eee5f074947c43bdc57fe6a8a286aa5c9732af659babf0e35f3e3f29345b071a0648acb10460b10a0f6a1d4d7e0d8d4d2e9056ae2bef4ef1a7e127aa10ad8810

    Score
    10/10
    remcospersistencerat

    • Remcos

      Remcos is a closed-source remote control and surveillance software.

      ratremcos

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Install Root Certificate

1
T1130

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks