remcos | dcfaf32061b7ac3546b3d618dfea1372195cc4d57ff21de2cf6c918797cfa788 | Triage

Submit
Reports

Overview

overview

Static

static

kart gecmisi.exe

windows7_x64

kart gecmisi.exe

windows10_x64

Sharing

General

Target

kart gecmisi.exe
Size

578KB
Sample

210112-l469yarnxe
MD5

7495739b74f9944c06d6b005421af606
SHA1

79a1d3dc1a2c97c06f8749da5a9f4bc08ecc131f
SHA256

dcfaf32061b7ac3546b3d618dfea1372195cc4d57ff21de2cf6c918797cfa788
SHA512

3f6de9c9fbf290e9c28e724cfecbd2b00f33d63bd0c21b4da4cbe4d40a8ce62c39b57374da38df0bbd2c2783659c9464bbdd062c786ec96452ccd4d1792534d4

Score

10^/10

remcos rat

Static task

static1

Behavioral task

behavioral1

Sample

kart gecmisi.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

kart gecmisi.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

remcos

C2

45.137.22.52:8780

Targets

- Target
  
  kart gecmisi.exe
- Size
  
  578KB
- MD5
  
  7495739b74f9944c06d6b005421af606
- SHA1
  
  79a1d3dc1a2c97c06f8749da5a9f4bc08ecc131f
- SHA256
  
  dcfaf32061b7ac3546b3d618dfea1372195cc4d57ff21de2cf6c918797cfa788
- SHA512
  
  3f6de9c9fbf290e9c28e724cfecbd2b00f33d63bd0c21b4da4cbe4d40a8ce62c39b57374da38df0bbd2c2783659c9464bbdd062c786ec96452ccd4d1792534d4
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy