Overview

overview

10

Static

static

GREEN_MEKO...ST.exe

windows7_x64

10

GREEN_MEKO...ST.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    GREEN_MEKONG-INQUIRY_LIST.exe

  • Size

    162KB

  • Sample

    210112-klr32rab5s

  • MD5

    42f7af3da7bc34f4c1e1a95ff617dfaa

  • SHA1

    554b5dd09a183b8a69d0be0568ed036036caae2d

  • SHA256

    0854f5df5291e4abbcf7cc57f29b3148007ede15c53f61244f9dfefb9669dc96

  • SHA512

    05d7af43ea27a89195fb6b852b57a06e8990aa95a4d321c709e9ba456c2656ad76d3d81fdc3834a6e56314141683873420f231098d12a5749fb1501029b9a4ef

Score
10/10
remcosrat

Malware Config

Extracted

Family

remcos

C2

212.83.46.26:4045

Targets

    • Target

      GREEN_MEKONG-INQUIRY_LIST.exe

    • Size

      162KB

    • MD5

      42f7af3da7bc34f4c1e1a95ff617dfaa

    • SHA1

      554b5dd09a183b8a69d0be0568ed036036caae2d

    • SHA256

      0854f5df5291e4abbcf7cc57f29b3148007ede15c53f61244f9dfefb9669dc96

    • SHA512

      05d7af43ea27a89195fb6b852b57a06e8990aa95a4d321c709e9ba456c2656ad76d3d81fdc3834a6e56314141683873420f231098d12a5749fb1501029b9a4ef

    Score
    10/10
    remcosrat

    • Remcos

      Remcos is a closed-source remote control and surveillance software.

      ratremcos

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks