Overview

overview

10

Static

static

TaskAudio Driver.exe

windows7_x64

10

TaskAudio Driver.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TaskAudio Driver.exe

  • Size

    1.4MB

  • Sample

    210114-d8l52yh3nx

  • MD5

    b9df5818eb24d26dd3aa91d733c948ba

  • SHA1

    3b4a3b7a9279dcc039337f43119b22694cb338c6

  • SHA256

    0263f401d5624ac940224924776925bf38008ebdda2ea5135e66db9c3e5758ad

  • SHA512

    21ddaa8dc463022b0515b9f8b2b852c4759ba5f4de2b49a2ff6b7ab0af05f7bea20242479a5029851b89a34914bffdec1d6e15b204a9f1de3abc40469cfd28d4

Score
10/10
remcosrat

Malware Config

Extracted

Family

remcos

C2

51.222.10.175:5861

Targets

    • Target

      TaskAudio Driver.exe

    • Size

      1.4MB

    • MD5

      b9df5818eb24d26dd3aa91d733c948ba

    • SHA1

      3b4a3b7a9279dcc039337f43119b22694cb338c6

    • SHA256

      0263f401d5624ac940224924776925bf38008ebdda2ea5135e66db9c3e5758ad

    • SHA512

      21ddaa8dc463022b0515b9f8b2b852c4759ba5f4de2b49a2ff6b7ab0af05f7bea20242479a5029851b89a34914bffdec1d6e15b204a9f1de3abc40469cfd28d4

    Score
    10/10
    remcosrat

    • Remcos

      Remcos is a closed-source remote control and surveillance software.

      ratremcos

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks