General

  • Target

    90800000900.exe

  • Size

    546KB

  • Sample

    210506-3ngtnqwzt2

  • MD5

    390e87a9700a9d35c4042fb52cb59ae4

  • SHA1

    b392394cd99600367d800a1565b35098a45d8fb6

  • SHA256

    562d8f8c0557824cf0f95d646e61d38822ca8b661173f89c5b601cd1f4c4a824

  • SHA512

    17265076ac622bc7af1cf54f5744e07d670f3447606e18e44d5f1e4ebc90ce99a95afa2e9eff5193e085edbebf9083219fdb7f87ba37b9f67bd7f031d341fc04

Score
10/10

Malware Config

Targets

    • Target

      90800000900.exe

    • Size

      546KB

    • MD5

      390e87a9700a9d35c4042fb52cb59ae4

    • SHA1

      b392394cd99600367d800a1565b35098a45d8fb6

    • SHA256

      562d8f8c0557824cf0f95d646e61d38822ca8b661173f89c5b601cd1f4c4a824

    • SHA512

      17265076ac622bc7af1cf54f5744e07d670f3447606e18e44d5f1e4ebc90ce99a95afa2e9eff5193e085edbebf9083219fdb7f87ba37b9f67bd7f031d341fc04

    Score
    10/10
    • Remcos

      Remcos is a closed-source remote control and surveillance software.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082

Tasks