General

  • Target

    RH000000000.z

  • Size

    116KB

  • Sample

    210421-h3qy415gts

  • MD5

    261551f0851d008213fce9abeb6059a0

  • SHA1

    99a044ec42457cb6540fa18cf7afa323a466f79f

  • SHA256

    5346bacc42e2541bc869ab09059845b051db0252a8c4951f0839975329f6ea8c

  • SHA512

    4d843c77c48e8319c79a5978b932d36764132d3586579178eaffab6e0420dc611ac72730e5009eab035d1fe8fc1b84c24327cd34ca46c19d6de6200f2cf450f1

Score
10/10

Malware Config

Targets

    • Target

      RH000000000.exe

    • Size

      130KB

    • MD5

      708cedb9e504dd660eda652c55e0c4f6

    • SHA1

      48cdb417b10378e145dc0dc64ef8d39afc26a2ba

    • SHA256

      87bab76334df782e3a17c6aa2ae2545d366de0dc436f2d15aeef1787340a3deb

    • SHA512

      e76ea7b868a99555fbdfc2a20081e41f2cc3672287d369b101dd64d0bee3cc1aee7a30137e548ea0df98b467783e7bd3f0087422b15133608465b505a9805903

    Score
    10/10
    • Remcos

      Remcos is closed-source remote control and surveillance software.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery: System Information Discovery, T1082 (1)

Tasks