rms | c0d9e5238842dd573f6f7042b08ed7e11cfc6fa0daef30a68c837e89816c3eea | Triage

Submit
Reports

Overview

overview

Static

static

c0d9e52388...ea.exe

windows7_x64

c0d9e52388...ea.exe

windows10_x64

Sharing

General

Target

c0d9e5238842dd573f6f7042b08ed7e11cfc6fa0daef30a68c837e89816c3eea
Size

4.2MB
Sample

220128-w8k1bsaha4
MD5

eaf87c7f8adf7bdcd2878ccb350676f9
SHA1

beef0ee9397b01855c6daa2bff8002db4899b121
SHA256

c0d9e5238842dd573f6f7042b08ed7e11cfc6fa0daef30a68c837e89816c3eea
SHA512

b81481f05f0817085cf7f91b9a269e7723d653e50d34925dd422cf60e250212a76af6dfb95eb812ffc735d6e264cdf6fe953e41727a08c5f94b0b8ee9a68a650

Score

10^/10

rms rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

c0d9e5238842dd573f6f7042b08ed7e11cfc6fa0daef30a68c837e89816c3eea.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c0d9e5238842dd573f6f7042b08ed7e11cfc6fa0daef30a68c837e89816c3eea.exe

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  c0d9e5238842dd573f6f7042b08ed7e11cfc6fa0daef30a68c837e89816c3eea
- Size
  
  4.2MB
- MD5
  
  eaf87c7f8adf7bdcd2878ccb350676f9
- SHA1
  
  beef0ee9397b01855c6daa2bff8002db4899b121
- SHA256
  
  c0d9e5238842dd573f6f7042b08ed7e11cfc6fa0daef30a68c837e89816c3eea
- SHA512
  
  b81481f05f0817085cf7f91b9a269e7723d653e50d34925dd422cf60e250212a76af6dfb95eb812ffc735d6e264cdf6fe953e41727a08c5f94b0b8ee9a68a650
Score

10^/10

rms rat trojan
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy