remcos | 752e630f25742712a9cd9c816c7e507b12b1dbbbc9237c7730ee2de4247ec369 | Triage

Submit
Reports

Overview

overview

Static

static

1

Ordem urge...DF.exe

windows7_x64

Ordem urge...DF.exe

windows10_x64

Sharing

General

Target

Ordem urgente AWB674653783- FF2453,PDF.exe
Size

202KB
Sample

210422-km2qzwbbs6
MD5

0b6f8282e4011738c0f25219a82e9002
SHA1

78e47cb6b183cc7af8ca015ea8bde1a1fc813f72
SHA256

752e630f25742712a9cd9c816c7e507b12b1dbbbc9237c7730ee2de4247ec369
SHA512

83fe7c4e4bab8d310a1773b35f503772c6d55a57e46be68acd8c955c48ec01216cda451a48de27a68b90644e494728301369615071b5c4c8e8abe78db8bd750c

Score

10^/10

remcos rat

Static task

static1

Behavioral task

behavioral1

Sample

Ordem urgente AWB674653783- FF2453,PDF.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Ordem urgente AWB674653783- FF2453,PDF.exe

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

remcos

C2

prayerarequesttojah.ddns.net:4344

Targets

- Target
  
  Ordem urgente AWB674653783- FF2453,PDF.exe
- Size
  
  202KB
- MD5
  
  0b6f8282e4011738c0f25219a82e9002
- SHA1
  
  78e47cb6b183cc7af8ca015ea8bde1a1fc813f72
- SHA256
  
  752e630f25742712a9cd9c816c7e507b12b1dbbbc9237c7730ee2de4247ec369
- SHA512
  
  83fe7c4e4bab8d310a1773b35f503772c6d55a57e46be68acd8c955c48ec01216cda451a48de27a68b90644e494728301369615071b5c4c8e8abe78db8bd750c
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy