Overview

overview

10

Static

static

Patch.exe

windows7_x64

7

Patch.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Patch.exe

  • Size

    474KB

  • Sample

    210305-sftm925ph2

  • MD5

    77129d13a7bccc7b9e39094970d3427a

  • SHA1

    1da9b6b55d5c2254c6a06c445f6e3152808e2201

  • SHA256

    61d765fbf5167d31f1d58f87668a59b9e3f54e8973f00cc307b062acba0dd3dd

  • SHA512

    ccdbe01345230320c0037d1602a3c971a93fa450184505ec1d17d01ac97f615640693de61993a86ef21a0366a7bd63b62b5397199fc942b4704d9ee4ee002e71

Score
10/10
remcosratupx

Malware Config

Targets

    • Target

      Patch.exe

    • Size

      474KB

    • MD5

      77129d13a7bccc7b9e39094970d3427a

    • SHA1

      1da9b6b55d5c2254c6a06c445f6e3152808e2201

    • SHA256

      61d765fbf5167d31f1d58f87668a59b9e3f54e8973f00cc307b062acba0dd3dd

    • SHA512

      ccdbe01345230320c0037d1602a3c971a93fa450184505ec1d17d01ac97f615640693de61993a86ef21a0366a7bd63b62b5397199fc942b4704d9ee4ee002e71

    Score
    10/10
    remcosratupx

    • Remcos

      Remcos is a closed-source remote control and surveillance software.

      ratremcos

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks