remcos | 075b0ee19107d1de51063e1ed8362107ce4b7c861bdef79a68f54f625e1b32bf | Triage

Submit
Reports

Overview

overview

Static

static

242E8F8CF9...D2.exe

windows7_x64

242E8F8CF9...D2.exe

windows10_x64

Sharing

General

Target

242E8F8CF9B0C7E60D952073A3F6C3D2.exe
Size

216KB
Sample

210425-4ezgm1embx
MD5

242e8f8cf9b0c7e60d952073a3f6c3d2
SHA1

d3ebbdb9170c4d9e989b0425b009653605f6bddf
SHA256

075b0ee19107d1de51063e1ed8362107ce4b7c861bdef79a68f54f625e1b32bf
SHA512

3fca7faa7fd7436c4f7569fcacca9506a147e514b60449d4b50f518e0e31459fced03f135af4ef19de554b953f153c8bb4cc48a3c6b098a87e36903ce8d1e2d4

Score

10^/10

remcos rat

Static task

static1

Behavioral task

behavioral1

Sample

242E8F8CF9B0C7E60D952073A3F6C3D2.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

242E8F8CF9B0C7E60D952073A3F6C3D2.exe

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

remcos

C2

185.158.115.38:5007

Targets

- Target
  
  242E8F8CF9B0C7E60D952073A3F6C3D2.exe
- Size
  
  216KB
- MD5
  
  242e8f8cf9b0c7e60d952073a3f6c3d2
- SHA1
  
  d3ebbdb9170c4d9e989b0425b009653605f6bddf
- SHA256
  
  075b0ee19107d1de51063e1ed8362107ce4b7c861bdef79a68f54f625e1b32bf
- SHA512
  
  3fca7faa7fd7436c4f7569fcacca9506a147e514b60449d4b50f518e0e31459fced03f135af4ef19de554b953f153c8bb4cc48a3c6b098a87e36903ce8d1e2d4
Score

10^/10

remcos rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy