Resubmissions

19-01-2021 19:07

210119-xpcjx3wbd2 10

19-01-2021 12:54

210119-184alhd1ya 10

General

  • Target

    VOR001 - McMurray Statements December 2020_87373535737522772662626.exe

  • Size

    724KB

  • Sample

    210119-xpcjx3wbd2

  • MD5

    646b944db8049fc561937d4eb5cbc75f

  • SHA1

    3a16930acd6bb11285c66f334fff430588fb2bb2

  • SHA256

    817a2e3808a201ec10ce3c1181e88a0d88f1605dc2c31e2809f3b3d7340959d0

  • SHA512

    cf8d3c3d2c4c703b77dcf7de3c6529773f432ce695f0a3e812272f8ee070e709c757af1aff584497b186249291e8b426a66397f20da7fc59f53d3d4abd296b3c

Malware Config

Targets

    • Target

      VOR001 - McMurray Statements December 2020_87373535737522772662626.exe

    Score
    10/10
    • Remcos

      Remcos is a closed-source remote control and surveillance software.

    • Adds Run key to start application

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Registry Run Keys / Startup Folder (T1060): 1

Defense Evasion

  • Modify Registry (T1112): 2

  • Install Root Certificate (T1130): 1

Tasks