remcos | 9d692165cbb8d2a181769b723e7300b02f534fec4563d4bd155b4c293d6ebe72 | Triage

Sharing

General

Target

09000090INVOICE.exe
Size

210KB
Sample

210118-ctkvlb76v2
MD5

f4d2193e00008bd236c7658fc0cff060
SHA1

f6b7a99d48415ebb3ab6a178e211234e11040629
SHA256

9d692165cbb8d2a181769b723e7300b02f534fec4563d4bd155b4c293d6ebe72
SHA512

3383c50ca92c0eaabd487444057783e32da41fac60a5361dbf755e610ab86b48367d3cce338ebb17abf53d03154fe609d4b15eb9a02b999a5e249d4dcab7c88c

Score

10^/10

remcos rat

Malware Config

Targets

- Target
  
  09000090INVOICE.exe
- Size
  
  210KB
- MD5
  
  f4d2193e00008bd236c7658fc0cff060
- SHA1
  
  f6b7a99d48415ebb3ab6a178e211234e11040629
- SHA256
  
  9d692165cbb8d2a181769b723e7300b02f534fec4563d4bd155b4c293d6ebe72
- SHA512
  
  3383c50ca92c0eaabd487444057783e32da41fac60a5361dbf755e610ab86b48367d3cce338ebb17abf53d03154fe609d4b15eb9a02b999a5e249d4dcab7c88c
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2