rms | 9b1bd4ac06317156fdd4d2cb6b416ed81ad2785ca3d14370f39b16dcde4aba36 | Triage

Submit
Reports

Overview

overview

Static

static

9b1bd4ac06...36.exe

windows7_x64

9b1bd4ac06...36.exe

windows10_x64

Sharing

General

Target

9b1bd4ac06317156fdd4d2cb6b416ed81ad2785ca3d14370f39b16dcde4aba36
Size

9.3MB
Sample

220129-e1gjhadbc8
MD5

9d5501a42d0e63e0689909ff81326f38
SHA1

9d0ea6c305ea69146be1d5174235a665eb787a79
SHA256

9b1bd4ac06317156fdd4d2cb6b416ed81ad2785ca3d14370f39b16dcde4aba36
SHA512

b8c4e113285df71331ee89b11051fd686444bd2ee319664b07edfa928a7de0ed4750ef5e8ec7fdfaeb47723882d95b11ce9183da959a554783f9a6af50e22670

Score

10^/10

rms rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

9b1bd4ac06317156fdd4d2cb6b416ed81ad2785ca3d14370f39b16dcde4aba36.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9b1bd4ac06317156fdd4d2cb6b416ed81ad2785ca3d14370f39b16dcde4aba36.exe

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  9b1bd4ac06317156fdd4d2cb6b416ed81ad2785ca3d14370f39b16dcde4aba36
- Size
  
  9.3MB
- MD5
  
  9d5501a42d0e63e0689909ff81326f38
- SHA1
  
  9d0ea6c305ea69146be1d5174235a665eb787a79
- SHA256
  
  9b1bd4ac06317156fdd4d2cb6b416ed81ad2785ca3d14370f39b16dcde4aba36
- SHA512
  
  b8c4e113285df71331ee89b11051fd686444bd2ee319664b07edfa928a7de0ed4750ef5e8ec7fdfaeb47723882d95b11ce9183da959a554783f9a6af50e22670
Score

10^/10

rms rat trojan
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy