remcos | 1054ef0573844efad4a56f57a5fef5fb4b630232efe366bf52bd039f1bffcff1 | Triage

Submit
Reports

Overview

overview

Static

static

訂購#7507,pdf.exe

windows7_x64

訂購#7507,pdf.exe

windows10_x64

Sharing

General

Target

訂購#7507,pdf.exe
Size

1.5MB
Sample

210120-mryk7mhwkj
MD5

5987aac5edf3d3f3f1ab51cdf586439a
SHA1

a92b1a432580303d6ecb3baabfdbc1f2ea4cfd96
SHA256

1054ef0573844efad4a56f57a5fef5fb4b630232efe366bf52bd039f1bffcff1
SHA512

72e17b52883c1e780c310ed38ac5d5f07507688c35d1f9d6272fb980795bbe38a03736df0970f701d3c0060945e7145969e93fecde263734f001160b7db33c89

Score

10^/10

remcos rat

Static task

static1

Behavioral task

behavioral1

Sample

訂購#7507,pdf.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

訂購#7507,pdf.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

remcos

C2

movement2020.ddns.net:6735

Targets

- Target
  
  訂購#7507,pdf.exe
- Size
  
  1.5MB
- MD5
  
  5987aac5edf3d3f3f1ab51cdf586439a
- SHA1
  
  a92b1a432580303d6ecb3baabfdbc1f2ea4cfd96
- SHA256
  
  1054ef0573844efad4a56f57a5fef5fb4b630232efe366bf52bd039f1bffcff1
- SHA512
  
  72e17b52883c1e780c310ed38ac5d5f07507688c35d1f9d6272fb980795bbe38a03736df0970f701d3c0060945e7145969e93fecde263734f001160b7db33c89
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy