General

  • Target

    b9d11c879d885b12b42c64c7c696ecc95c091e76f77c3aad53ecd554f0d2b907

  • Size

    5.0MB

  • Sample

    220129-c8s66abff4

  • MD5

    e766e4aa505dbef16c347be99d558db3

  • SHA1

    c50559be57b165a5d60a781137a106736510c944

  • SHA256

    b9d11c879d885b12b42c64c7c696ecc95c091e76f77c3aad53ecd554f0d2b907

  • SHA512

    894beabaf32b76c0af74654863c37c4c2afb2816b9580f4f5f9583568772c60de5c7afce765aaad2b63d388382a626d95ff5feca93a279196779ea8d42a26b5e

Score
10/10

Targets

    • RMS

      Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.

    • Executes dropped EXE

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Loads dropped DLL
