rms | 18ccca8cb507a80d437a22ef4d071707986dd6df3afe270bc46969249bb7b19e | Triage

Submit
Reports

Overview

overview

Static

static

8

18CCCA8CB5...E2.exe

windows7_x64

18CCCA8CB5...E2.exe

windows10_x64

Sharing

General

Target

18CCCA8CB507A80D437A22EF4D071707986DD6DF3AFE2.exe
Size

4.9MB
Sample

211107-t1yv4saeg2
MD5

c91241304c61f76067d075b7e7068060
SHA1

4e8029c21b52a282c79472b30e324e0c8f31d2d6
SHA256

18ccca8cb507a80d437a22ef4d071707986dd6df3afe270bc46969249bb7b19e
SHA512

ac0bc84c409fc0529f3d13f77096d87db81207a25a628c7ffbd5adf5fc2b9df16df365036aea49f303c38e80dd27675afae47baa70cd87127ec4e8645f8cecb8

Score

10^/10

rms aspackv2 rat trojan upx vmprotect

Static task

static1

Behavioral task

behavioral1

Sample

18CCCA8CB507A80D437A22EF4D071707986DD6DF3AFE2.exe

Resource

win7-en-20211104

rms aspackv2 rat trojan upx vmprotect

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

18CCCA8CB507A80D437A22EF4D071707986DD6DF3AFE2.exe

Resource

win10-en-20211014

rms aspackv2 rat trojan upx vmprotect

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  18CCCA8CB507A80D437A22EF4D071707986DD6DF3AFE2.exe
- Size
  
  4.9MB
- MD5
  
  c91241304c61f76067d075b7e7068060
- SHA1
  
  4e8029c21b52a282c79472b30e324e0c8f31d2d6
- SHA256
  
  18ccca8cb507a80d437a22ef4d071707986dd6df3afe270bc46969249bb7b19e
- SHA512
  
  ac0bc84c409fc0529f3d13f77096d87db81207a25a628c7ffbd5adf5fc2b9df16df365036aea49f303c38e80dd27675afae47baa70cd87127ec4e8645f8cecb8
Score

10^/10

rms aspackv2 rat trojan upx vmprotect
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rmsaspackv2rattrojanupxvmprotect

behavioral2

rmsaspackv2rattrojanupxvmprotect

© 2018-2025

Terms | Privacy