General
-
Target
sa.exe
-
Size
457KB
-
Sample
211020-q5qthshbb5
-
MD5
76662bbe0b86ceb909acefb97fb13dc9
-
SHA1
2c6e1d10e8e3e28eb94fd753583ecbfb9a5bfc56
-
SHA256
652dbade6f5b94c2245a8c0c16af2a11d189fc0ae21d1e08e7cd94fc22475194
-
SHA512
dd44afadf9cb2599c1c3267d7a222d19bad3435779f5a68b2563fc9318db6c575d04aadf5edb8867468385bb91670df64c91b7cc9c493fbb80a3608f412ffa08
Behavioral task
behavioral1
Sample
sa.exe
Resource
win7-en-20210920
Malware Config
Extracted
Family
remcos
-
Version
3.2.1 Pro
-
Botnet
aa
-
C2
jamaica123.ddns.net:3000
-
audio_folder
MicRecords
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
sddavaw-GVJM5M
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
Remcos
-
take_screenshot_option
false
-
take_screenshot_time
5
-
take_screenshot_title
notepad;solitaire;
Targets
-
-
Target
sa.exe
-
Size
457KB
-
MD5
76662bbe0b86ceb909acefb97fb13dc9
-
SHA1
2c6e1d10e8e3e28eb94fd753583ecbfb9a5bfc56
-
SHA256
652dbade6f5b94c2245a8c0c16af2a11d189fc0ae21d1e08e7cd94fc22475194
-
SHA512
dd44afadf9cb2599c1c3267d7a222d19bad3435779f5a68b2563fc9318db6c575d04aadf5edb8867468385bb91670df64c91b7cc9c493fbb80a3608f412ffa08
-