remcos | 0ccee1c2d396c269e54c78081d7bd00c5694bc50e4ceedfcd3dc69d8ae40341a | Triage

Submit
Reports

Overview

overview

Static

static

訂購#7507,pdf.exe

windows7_x64

訂購#7507,pdf.exe

windows10_x64

Sharing

General

Target

訂購#7507,pdf.exe
Size

1.6MB
Sample

210120-pqf4vzvmd2
MD5

f6cb48b7da58c0de80dff93330eff8fb
SHA1

3d079055b78a8388bb86541e7540923d26145df8
SHA256

0ccee1c2d396c269e54c78081d7bd00c5694bc50e4ceedfcd3dc69d8ae40341a
SHA512

1441d87f5a0f37f3aceee5ed7647fa303a2d5fa1c3009d4fc3538b9984a6758bb4b833dc8b79ca56cd6795486e5529beb2f0aeaf81e11942e9c993d83fe7c2e3

Score

10^/10

remcos rat

Static task

static1

Behavioral task

behavioral1

Sample

訂購#7507,pdf.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

訂購#7507,pdf.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

remcos

C2

movement2020.ddns.net:6735

Targets

- Target
  
  訂購#7507,pdf.exe
- Size
  
  1.6MB
- MD5
  
  f6cb48b7da58c0de80dff93330eff8fb
- SHA1
  
  3d079055b78a8388bb86541e7540923d26145df8
- SHA256
  
  0ccee1c2d396c269e54c78081d7bd00c5694bc50e4ceedfcd3dc69d8ae40341a
- SHA512
  
  1441d87f5a0f37f3aceee5ed7647fa303a2d5fa1c3009d4fc3538b9984a6758bb4b833dc8b79ca56cd6795486e5529beb2f0aeaf81e11942e9c993d83fe7c2e3
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy