Overview

overview

10

Static

static

MV GENCO R... 1.exe

windows7_x64

1

MV GENCO R... 1.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MV GENCO RESOLUTE VOY 1.exe

  • Size

    708KB

  • Sample

    210510-vczft3tg6j

  • MD5

    84a0c62e8cf9fa26ca0d446d8883cf20

  • SHA1

    dbae83dda1b3f3112fad3d443d36181c3161362c

  • SHA256

    45f3e6d6f40de19bca584dfafdfac7a3f5fb9b481717a0997d9f9c2d78d58fad

  • SHA512

    9e94fe6bc3eee91d0a08339ea11e6ea2cae2e6f74a1acc2404e783f8728eb8404f2352690588a7d0bc97d102ba7ec05d86f7c1a8c34b2c0b052ea90d296bde21

Score
10/10
remcosrat

Malware Config

Extracted

Family

remcos

C2

185.244.26.244:5888

10.26.244.6:5888

Targets

    • Target

      MV GENCO RESOLUTE VOY 1.exe

    • Size

      708KB

    • MD5

      84a0c62e8cf9fa26ca0d446d8883cf20

    • SHA1

      dbae83dda1b3f3112fad3d443d36181c3161362c

    • SHA256

      45f3e6d6f40de19bca584dfafdfac7a3f5fb9b481717a0997d9f9c2d78d58fad

    • SHA512

      9e94fe6bc3eee91d0a08339ea11e6ea2cae2e6f74a1acc2404e783f8728eb8404f2352690588a7d0bc97d102ba7ec05d86f7c1a8c34b2c0b052ea90d296bde21

    Score
    10/10
    remcosrat

    • Remcos

      Remcos is a closed-source remote control and surveillance software.

      ratremcos

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks