Extracted

• • Target

    Quotation6547558,pdf.exe

  • Size

    706KB

  • MD5

    8dbeaa2200e3dd4d09247606d25bec31

  • SHA1

    72265ac4686a37571cdd1f7a6961853de166dc00

  • SHA256

    e45bc4ce4e4f84bedc7ec144517df1d16ea97b1803fa1b3cf21c581390b50bf8

  • SHA512

    c73fbe6c7300ccb33e6b293ab6218d605e52e20651a3bf22f2c51b2326fe63bd7b4b0978dbd190d714c3d889eb2d9256c62722d2180eba1e082db531d30f3ef2

  Score

  10^/10

  remcospersistencerat

  • Remcos

    Remcos is a closed-source remote control and surveillance software.

    ratremcos

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2