remcos | 939af6a45d6c3afd50ada0f312602f5850e8fa1d36767475134b7a3f560dcac6 | Triage

Sharing

General

Target

Ver PDF adjunto de la información URGENTE. Ver PDF adjunto de la información URGENTE..exe
Size

931KB
Sample

210422-yktbcwkqkj
MD5

d71820e1e40817a7b9b8d8ba826acac8
SHA1

758bdda14bec7abd4a8f2a2249a36219dc7a6d43
SHA256

939af6a45d6c3afd50ada0f312602f5850e8fa1d36767475134b7a3f560dcac6
SHA512

3e73a7a77a561b62086a5b215cc0a58501b70fc7f66d6a0aded0a3f83bef93197d8c8f13152cbc9dc846939e263b452e3022626ee56f814ac53490181ff76e98

Score

10^/10

remcos rat

Malware Config

Extracted

Family

remcos

C2

europarem.duckdns.org:1012

Targets

- Target
  
  Ver PDF adjunto de la información URGENTE. Ver PDF adjunto de la información URGENTE..exe
- Size
  
  931KB
- MD5
  
  d71820e1e40817a7b9b8d8ba826acac8
- SHA1
  
  758bdda14bec7abd4a8f2a2249a36219dc7a6d43
- SHA256
  
  939af6a45d6c3afd50ada0f312602f5850e8fa1d36767475134b7a3f560dcac6
- SHA512
  
  3e73a7a77a561b62086a5b215cc0a58501b70fc7f66d6a0aded0a3f83bef93197d8c8f13152cbc9dc846939e263b452e3022626ee56f814ac53490181ff76e98
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2