General
-
Target
tmp/6862cf51b5546665e90e27a0a188ea8c468097f86b8b5d68fa0521f4cd3a9550.exe
-
Size
463KB
-
Sample
211210-kh3a5sfhb6
-
MD5
63ead0514c5352dc4a7af34b8205366f
-
SHA1
b28b346574521b65b67b59838dfc22b70bfd533e
-
SHA256
6862cf51b5546665e90e27a0a188ea8c468097f86b8b5d68fa0521f4cd3a9550
-
SHA512
aa23453ea399961760f2469688da8be1f6525b7ef9f8f19b655e6f97925795ce103e307282e60a587eb8886c90fc9c9f303ce266b3313fc11497cbc92b2b7e62
Malware Config
Extracted
remcos
3.3.2 Pro
aSmarany X
asmarany.ddns.me:5330
-
audio_folder
MicRecords
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
explorer.exe
-
copy_folder
explorer
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
true
-
install_flag
false
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
almojrem-UP1V46
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
explorer
-
take_screenshot_option
false
-
take_screenshot_time
5
-
take_screenshot_title
wikipedia;solitaire;
Targets
-
-
Target
tmp/6862cf51b5546665e90e27a0a188ea8c468097f86b8b5d68fa0521f4cd3a9550.exe
-
Size
463KB
-
MD5
63ead0514c5352dc4a7af34b8205366f
-
SHA1
b28b346574521b65b67b59838dfc22b70bfd533e
-
SHA256
6862cf51b5546665e90e27a0a188ea8c468097f86b8b5d68fa0521f4cd3a9550
-
SHA512
aa23453ea399961760f2469688da8be1f6525b7ef9f8f19b655e6f97925795ce103e307282e60a587eb8886c90fc9c9f303ce266b3313fc11497cbc92b2b7e62
Score10/10-
Remcos
Remcos is a closed-source remote control and surveillance software.
-