remcos | 08e0470a48ebeeee59903dd283d342ddae4b3b7e3c092fc61719a3bd4f063166 | Triage

Submit
Reports

Overview

overview

Static

static

atikmdag-p...er.exe

windows7_x64

8

atikmdag-p...er.exe

windows10_x64

Sharing

General

Target

atikmdag-patcher 1.4.8.zip
Size

5.4MB
Sample

210118-69t1fkmm62
MD5

36a7d86de9205494b572d9d25b43df16
SHA1

fed2bfbb5a6e076402d23cc9a67503d64214e1e2
SHA256

08e0470a48ebeeee59903dd283d342ddae4b3b7e3c092fc61719a3bd4f063166
SHA512

90a00589faf3bfc2eff115099c2f6aa9aecd24f0e941ec68d13504f0dacdf305602b77946c7291f93985d53b29eee6c92c77c9671e1e4ead6c0762b6e1db1683

Score

10^/10

remcos rat

Static task

static1

Behavioral task

behavioral1

Sample

atikmdag-patcher 1.4.8/atikmdag-patcher.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

atikmdag-patcher 1.4.8/atikmdag-patcher.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

remcos

C2

5.45.87.29:8000

Targets

- Target
  
  atikmdag-patcher 1.4.8/atikmdag-patcher.exe
- Size
  
  2.9MB
- MD5
  
  5dc2c1bb5ccd25decce1c1814f3435ac
- SHA1
  
  3bd1484e0eabef3dce07fcefc79995cfaf5a54e8
- SHA256
  
  cb50306b9f47d5c817c1d700c7533f5b7ed50017b22b7e05fdbf5faddb769198
- SHA512
  
  ee5557135f179b807026c3b1062781f54978ba75ed932f404fbce6847f9ff2296c1f4455a50aa36ecaa1f0129340ec2feb11d81c6d9055ef633e30e36ae1dae1
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy