rms | 513fc6732361895ddf4477f737f3bcc12c514257415021eecf1117453fcacd5b | Triage

Submit
Reports

Overview

overview

Static

static

513fc67323...5b.exe

windows7_x64

513fc67323...5b.exe

windows10_x64

Sharing

General

Target

513fc6732361895ddf4477f737f3bcc12c514257415021eecf1117453fcacd5b
Size

4.1MB
Sample

210515-n6vvbep5ds
MD5

2a13baea0cf11e3e7eb303649d46d6be
SHA1

0c0c8002304e1fd5a08adf1d51958eab9c9ff0f6
SHA256

513fc6732361895ddf4477f737f3bcc12c514257415021eecf1117453fcacd5b
SHA512

50cbe15785eb43524873f161be7fdb35abb7a394c18074adf240ac305dd99e6e404f20a9fc3b229e7dbe5f1e83e0b2929fec1caa5b57548a6ffdc35d8a60e73a

Score

10^/10

rms evasion rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

513fc6732361895ddf4477f737f3bcc12c514257415021eecf1117453fcacd5b.exe

Resource

win7v20210408

rms evasion rat trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

513fc6732361895ddf4477f737f3bcc12c514257415021eecf1117453fcacd5b.exe

Resource

win10v20210408

rms evasion rat trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  513fc6732361895ddf4477f737f3bcc12c514257415021eecf1117453fcacd5b
- Size
  
  4.1MB
- MD5
  
  2a13baea0cf11e3e7eb303649d46d6be
- SHA1
  
  0c0c8002304e1fd5a08adf1d51958eab9c9ff0f6
- SHA256
  
  513fc6732361895ddf4477f737f3bcc12c514257415021eecf1117453fcacd5b
- SHA512
  
  50cbe15785eb43524873f161be7fdb35abb7a394c18074adf240ac305dd99e6e404f20a9fc3b229e7dbe5f1e83e0b2929fec1caa5b57548a6ffdc35d8a60e73a
Score

10^/10

rms evasion rat trojan
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- Executes dropped EXE
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

rmsevasionrattrojan

behavioral2

rmsevasionrattrojan

© 2018-2024

Terms | Privacy