Overview

overview

10

Static

static

rutserv.exe

windows7_x64

10

rutserv.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    rutserv.exe

  • Size

    6.2MB

  • Sample

    210622-azr9lkafes

  • MD5

    90e027b39d2786d5b465a9dc53bf040e

  • SHA1

    5a9d6b1fcdaf4b2818a6eeca4f1c16a5c24dd9cf

  • SHA256

    99de2f7653107a227a79993aeb03b1bb443b66376c49ec590cf3a91d6cf184c8

  • SHA512

    097264ae7a20e90aaacda0546082c466aa90922c9242044cdb08d81953022164cda439c7fa9cbd989f73beafbd4d58b54fc1db6afa66f8ad4d446d06c17fc779

Score
10/10
rmsrattrojan

Malware Config

Targets

    • Target

      rutserv.exe

    • Size

      6.2MB

    • MD5

      90e027b39d2786d5b465a9dc53bf040e

    • SHA1

      5a9d6b1fcdaf4b2818a6eeca4f1c16a5c24dd9cf

    • SHA256

      99de2f7653107a227a79993aeb03b1bb443b66376c49ec590cf3a91d6cf184c8

    • SHA512

      097264ae7a20e90aaacda0546082c466aa90922c9242044cdb08d81953022164cda439c7fa9cbd989f73beafbd4d58b54fc1db6afa66f8ad4d446d06c17fc779

    Score
    10/10
    rmsrattrojan

    • RMS

      Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.

      trojanratrms

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks