Overview

overview

10

Static

static

8

9210117e90...4b.exe

windows7_x64

10

9210117e90...4b.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9210117e9072e7a182bdb1e03fc0b1054f21f5287d1d32e1b23a41f3f6cae94b

  • Size

    2.6MB

  • Sample

    220128-yb993abgdj

  • MD5

    cfda445c91edc137dbfdb6ab8b291308

  • SHA1

    36b814c68e208eb258bbed364dc7a9bfbaccc75d

  • SHA256

    9210117e9072e7a182bdb1e03fc0b1054f21f5287d1d32e1b23a41f3f6cae94b

  • SHA512

    92e7826efaeb611147ee29ebbed8f11c330b93c684647a7c2bea8a61b273a953b938e8737196605fd57d33d369c6f5e885b3fc3f001cb580ba0a95732ac7cc50

Score
10/10
rmsrattrojanupx

Malware Config

Targets

    • Target

      9210117e9072e7a182bdb1e03fc0b1054f21f5287d1d32e1b23a41f3f6cae94b

    • Size

      2.6MB

    • MD5

      cfda445c91edc137dbfdb6ab8b291308

    • SHA1

      36b814c68e208eb258bbed364dc7a9bfbaccc75d

    • SHA256

      9210117e9072e7a182bdb1e03fc0b1054f21f5287d1d32e1b23a41f3f6cae94b

    • SHA512

      92e7826efaeb611147ee29ebbed8f11c330b93c684647a7c2bea8a61b273a953b938e8737196605fd57d33d369c6f5e885b3fc3f001cb580ba0a95732ac7cc50

    Score
    10/10
    rmsrattrojan

    • RMS

      Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.

      trojanratrms

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks